cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1157
Views
5
Helpful
6
Replies
Lee Marson
Contributor

Jabber over Expressway first time login userid incorrectly populated

Hi All,

I've had this issue with several Jabber MRA installations and wondered if there was a fix?

In a deployment where the userid in CUCM is samaccountname e.g bsmith and the mail id is bob.smith@example.com When signing into Jabber for the first time on any platform over expressway we need to add the email address for service discovery.

Once discovery has happened the userid is auto-populated with the email address used to discover.

Obviously this will not allow to login as we need to use the samaccount name. The problem is the user experience of having to change the userid in Jabber causes issues. If you do this from inside the network using uds discovery then the userid is prepoulated correctly as cucm matches the mail address with the correct userid. Why does this info not get passed over the expressway? Is it a security thing or a limitation?

From what I gather the only way around this is to prepopulate the servicedomain during installation using a url to launch on a mobile platfrom or use a msi switch during windows installation. If this is the case that's fine but it would be a nice feature to take away this extra complexity when deploying over MRA.

Or even better if there was an option to toggle off the username being populated at all in the client.

It works fine when the userid matches the host portion of the email address but I think its wrong for Jabber to assume that the email address is the actual userid.

Many thanks in advance.

Lee

1 ACCEPTED SOLUTION

Accepted Solutions
Jaime Valencia
Hall of Fame Cisco Employee

Indeed, unfortunately, right now that's the expected behavior, the only way in which you could make that work as you want, would be to change the userID to map to the email of the users.

Otherwise, you'd probably want to do some end user education about how this is going to work, or ask them to always use the userID.

HTH

java

if this helps, please rate

View solution in original post

6 REPLIES 6
j.huizinga
Frequent Contributor

have you tried with bsmith@example.com ?

hi, thanks for the response.

Yes that will work however its still inconsistent from a user perspective as it's not the users email address which would be the obvious thing to enter for the first time login.

Jaime Valencia
Hall of Fame Cisco Employee

Not sure how you have configured this, but the behavior I got when trying to do this, and this all came from a case I got is:

userID: jodoe

email: john.doe@domain.com

While logging internally, I could use jodoe@domain.com to login, OR I could type john.doe@domain.com, which would be mapped to jodoe@domain.com automatically for my login in the userID field.

Over MRA, john.doe@domain.com would not work, but only jodoe@domain.com. The reason for this, is that upon reviewing the EXP-C logs, the UDS user lookup would fail to find userID john.doe@domain.com, but it would find the user if searching just the jodoe userID.

HTH

java

if this helps, please rate

Hi Jaime, thanks for the reply.

Yep thats what I get, that's the problem. It would be good if the uds lookup worked over MRA to auto populate the userid when using the email address to do service discovery.

Instead it populates the username field with the email address which you notice doesn't authenticate.

Jaime Valencia
Hall of Fame Cisco Employee

Indeed, unfortunately, right now that's the expected behavior, the only way in which you could make that work as you want, would be to change the userID to map to the email of the users.

Otherwise, you'd probably want to do some end user education about how this is going to work, or ask them to always use the userID.

HTH

java

if this helps, please rate

View solution in original post

thanks Jaime,

Yes that's what I thought. Changing userid is not really an option as it would cause all kinds of trouble:-)

The best option (apart from educating the user) is therefore to preconfigure the servicedomain during installation of the client.

Seems like it would an easy thing to sort out from a Jabber perspective to make the user experience better and easier to rollout the (mobile)clients coming in over expressway as the url configuration is a bit of a messy way to do it, IMO.

Create
Recognize Your Peers
Content for Community-Ad