cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5998
Views
6
Helpful
14
Replies

Jabber LDAP Mapping

AmbryTodd
Level 1
Level 1

Question... When you click a user in jabber and right click and hit view profile you can see a field that says "Address" What field in active directory is this calling out for? I filled out the address field in AD and it is not pulling over.

Below is the ldap mapping fields i have on my presence server mappings for messenger. I cannot seem to get any field to pull this info into jabber. Or maybe is there a force sync for ldap i need to do to force the settings?

ad.PNG

1 Accepted Solution

Accepted Solutions

When you chose UDS, Jabber doesn't query LDAP. Instead, it uses an API on CUCM itself and is limited to data held in CUCM's database, specifically the End User table. None of the address attributes are currently saved by CUCM when it syncs with LDAP.

You would need to change to either EDI or BDI to get address data. Note that the upcoming VPN-less remote access solution will require UDS since it uses an HTTPS/SIP reverse proxy and not a full VPN tunnel. My advise would be to keep UDS and tell people to look in the Outlook GAL if they really need to see address information.

Please remember to rate helpful responses and identify helpful or correct answers.

View solution in original post

14 Replies 14

Hi Todd,

Here's the attribute mapping

http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_2/JABW_BK_C9731738_00_jabber-windows-install-config_chapter_0101.html#JABW_RF_AA1BEF05_00

From what I see we use the streetAddress attribute from AD. These are the default values and of course you can change them by modifying the jabber-config.xml

HTH,

Christos

I cannot seem to get it to pull in... Here is basically what i did below from AD and then did a sync in CUCM and waited 24hours to make sure presence would do an AD sync and still isint pulling it in.

I just cant seem to figure out why it will not pull in.

I did some testing in my lab and indeed if you feel in the Street field the value is populated in the streetAddress attribute.

Can you check if that is the case ? You can use any LDAP browser and a read access account to check it out or ADSIEdit tool from the AD (watch out with that)

Regards,

Christos

Do you think it can be my jabber-config.xml file? only thing i can think of is this line.. I did it for pictures, we dont have pictures in our AD. However all the other fields pull in from AD like phone # and Job Title. shown below as well.

I used JXplorer and in the table editor i see StreetAddress as the field i changed it to. So it seems doing an LDAP query finds it.

UDS

  http://wiki/employee_photos/%%uid%%.jpg

When you chose UDS, Jabber doesn't query LDAP. Instead, it uses an API on CUCM itself and is limited to data held in CUCM's database, specifically the End User table. None of the address attributes are currently saved by CUCM when it syncs with LDAP.

You would need to change to either EDI or BDI to get address data. Note that the upcoming VPN-less remote access solution will require UDS since it uses an HTTPS/SIP reverse proxy and not a full VPN tunnel. My advise would be to keep UDS and tell people to look in the Outlook GAL if they really need to see address information.

Please remember to rate helpful responses and identify helpful or correct answers.

Changing it to EDI worked right away.

Jonathon where can I read more about that? I wonder if we will even want to use that at our company. Are you saying people can access our corp presence without a VPN connection?

also one last question sort of unrelated. I was never able to get the msi to compile with our Connection settings for server type of presence and the login server for our presence and domain name. But I did update the jabber config and added these lines.

   10.1.0.2

   company.local

However I realized when installing jabber it doesnt call out to the config until it actually connects after entering these commands for the first time... What is the point of adding these fields if it cannot populate to the install anyway?

The product hasn't shipped yet so is technically still under NDA. I'm limiting my mention to it to what I said above; since I have seen Cisco employees state that much publicly already I'm not disclosing something new. Reach out to your Cisco AM if you want additional details.

Those fields are not in the public XML schema that you upload to CUCM TFTP. Those are added to the local cached copy of the file and are what the IM&P cluster has told the client is it's primary server in the cluster. This way the client can start there at subsiquent logins instead of going through discovery again.

Ideally, you want to put the DNS SRV records in place instead of embedding it into the MSI file. The most you want to do to the MSI is set it to cloud or on-prem and maybe the language.

Please remember to rate helpful responses and identify helpful or correct answers.

Jonathon, thanks for the reply. I guess I am asking more is it a jabber client we are talking about or a change to the Presence server?

Thanks for the DNS SRV records area. I will look into implementing that.

Sorry Jonathon one more question. with the DNS SRV am i putting that on my main forward lookup zone on the domain.local tcp section? or am i putting it on the reverse lookup on the voice network?

below is a ss from the dns. is this basically what i want to do? i created a dns record for "cups" to resolve to the ip for the CUP server.

It goes in a Forward Lookup Zone but it needs to be the same one that user workstations/devices will get in their DHCP lease. Essentially Jabber does the lookup in _cuplogin._tcp.

Please remember to rate helpful responses and identify helpful or correct answers.

Jonathon,

It is still not working. I did a fresh install of jabber (grabbed the msi and installed from my desktop) launched it and still get the box that pops up. It saves it after the first entry but this is more of a communal area where users switch who is using the PC where its an issue. I included my nslookup to show it appears to be working.

You still need to use an MST (e.g. Microsoft ORCA) to answer those two radio buttons automatically. The DNS SRV record only allows you to skip entering the server address .

Please remember to rate helpful responses and identify helpful or correct answers.

Yeah for some reason i cannot get the orca to save. always errors out. there is a thread on here with other people that have the same issue. guess i will have to deal with it as is. Thanks anyway.

So I ran into an issue. If i set it to EDI for some reason users who VPN in and try to use jabber for phone calls dont get the option to call. going to Help -> show connection status it doesnt seem to show it connecting to the directory. But if i switch it back to the UDS it allows to call but it still shows error in the directory. Thoughts? Local users have no problem just VPN users.