Hi,

Thanks for your reply, i saw this doc earlier, but i have something different here as I mentioned.

Apart from the domain difference, the email iD is also different from the user-ID, for example user-ID will be johnsmith@extdomain.com whereas email-ID will be jsmith@domain3.com

I don't believe that works or is supported.

The lookup is going to be based on domain, then back to UDS search in the CM, then off to CUPS to authenticate I believe. So, johnsmith@domain3.com would discover services @domain3.com, then try ID johnsmith which should resolve on UDS. Beyond that I am not sure at that point if things will break further if you are synchronizing URIs with domain3.com and URIs are in use for CUPS.

I just tested a <userid>@<some other domain which points to my expressway cluster> and that worked just fine after authentication, but, userid maps, and really has no bearing on email.

While not saying if it's possible or not, I would consider trying to align your userIDs with the user portion of the email address the customer users, which works well in this product's design.

Hi,

I changed the LDAP attribute for user ID to mail, in the CUCM LDAP system configuration, now i can see the user-id has changed to the email-ID (userid changed from johnsmith to jsmith@domain3.com), and now i can login to the CUCM with the new user-ID (jsmith@domain3.com).

I created SRV records with the new domain internally and externally

(Internal -> nslookup -q=srv _cisco-uds._tcp.collab3.com

External -> nslookup -q=srv _collab-edge._tls.collab3.com)

Now am able to login jabber internally, but externally it is giving error 'Cannot communicate with the server'. In the PRT i can see the below:

CAS lookup request unsuccessful with domain: collab3.com

I have attached the logs that i took while i tested in my lab (in the logs the actual domain is cciecollab.cisco.com and email id domain is domain3.com)

You will want to look at the Expressway logs to see why it is rejecting you:

2021-01-14 17:19:56,141 DEBUG [0x000019dc] [netutils\src\http\CurlHttpUtils.cpp(217)] [csf.httpclient] [csf::http::CurlHttpUtils::curlTraceCallback] - Request #76 post connect phase: 'Connected to cfgexpehq.cciecollab.cisco.com (142.100.64.21) port 8443 (#3)'

2021-01-14 17:19:56,141 DEBUG [0x000019dc] [netutils\src\http\CurlHttpUtils.cpp(811)] [csf.httpclient] [csf::http::CurlHttpUtils::curlHeaderCallback] - Request #76 got status line: HTTP/1.1 403 Forbidden
2021-01-14 17:19:56,141 DEBUG [0x000019dc] [netutils\src\http\CurlHttpUtils.cpp(791)] [csf.httpclient] [csf::http::CurlHttpUtils::curlHeaderCallback] - Request #76 got CR-LF pair. Accumulated headers:

After it gives up connecting there it tries Webex Messenger, but, it's upset about the certificate at least for that too. If you're supposed to be connecting to the Expressway then it's not happy.

Did you added New Domain on expressway domains Tab.

No, I did not add it, i shall add and try. But when I checked the exp-e event logs i was not getting any traces of the log attempt, anyhow I shall try this and update you.