Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2190
Views
5
Helpful
5
Replies

Jabber LDAPS İntegration

pawn
Level 1
Level 1

‎06-11-2021 02:33 AM

Hello ,

 

We have configured ldaps in cucm , ldap directory and ldap authentication is configured with TLS port 636 ...

AD server certficate is deployed all cucm and imp nodes as Tomcat-Trust .

 

Now we can login jabber via MRA successfully but we have certificate alert for jabber clients (ad server cert.) we are accepting this cert then eveything works fine . But sometimes certf. warning appaers again and again espacilly when user signed out and sign in again , also some users said that when jabber running in background mode after a while certf. warning appears again .

 

i saw this note in cisco document but i remember that when i try 3269 instead of port 636 authentication was not working , it just working with 636 .

 

Note: If you have Jabber clients, it is recommended to use port 3269 for LDAPS Authentication, since Jabber timeout for login can occur if a secure connection to the global catalog server is not specified.

 

We do not have any directoy configuration in uc profile by the way

 

What can we do to fix ad certf. warnings for jabber clients...

 

Thanks.

 

Labels:
5 Replies 5

Rajan
VIP Alumni
VIP Alumni

‎06-11-2021 02:41 AM

Hi,

 

Can you check the details of the certificate presented and confirm which certificate is that. once you identify the cert, please make sure the root certificate to trust the presented certificate is available in the Trusted store of machines in which Jabber is installed.

 

HTH
Rajan
Please rate all useful posts by clicking the star below and mark solutions as accepted wherever applicable

0 Helpful

Nithin Eluvathingal
VIP
VIP

‎06-11-2021 02:47 AM

Find out for which certificate it’s shows warning?   The certificate warning is for MRA user or locally login users ? 

 



Response Signature


0 Helpful

pawn
Level 1
Level 1

‎06-11-2021 03:09 AM

AD server certificate which i installed as Tomcat-Trust in uc nodes . They are using jabber for android and ios . Once we accept the certficate jabber working properly but sometimes espacially when sign-out-in and jabber running  in backgroud . certificate warning appearing again and again .  By the way we have 2 redundant ad server and their certficates are imported in uc nodes. i can understand for 2 times certificate warnings for 2 servers but once we accept them why we are see same warnings again ..

0 Helpful

Nithin Eluvathingal
VIP
VIP
In response to pawn

‎06-11-2021 04:41 AM

Can you have a look on the certificate details like what certificate, which server, is it valid etc..  before accepting it .

This happened over MRA or locally when user login ? 



Response Signature


0 Helpful

Roger Kallberg
VIP
VIP
In response to pawn

‎06-11-2021 04:47 AM - edited ‎06-11-2021 04:49 AM

Do you have an internal CA that sign the AD certificates? If so you should not need to have the individual certificates for the AD servers in the trust store of the CM/IMP servers or on the clients. It should be enough to put the CA certificates into these trust stores.

About the global catalog port not working. Have you verified that you have this setup on the AD servers?



Response Signature


0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents