Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2518
Views
0
Helpful
16
Replies

Voicemail login issue on Jabber with SSO

Hunor Szombatfalvi
Level 1
Level 1

‎03-24-2022 06:04 AM

Hello All,

 

I seem to have a strange issue, we have an environment that is SSO enabled, both CUCM/IMP and CUC. You can log into Jabber without any issues and every service connects except CUC, which is still asking me for a username and password in jabber settings.

 

When I check jabber logs I can see that it actually connects to CUC via SSO successfully in the background, but within the client it is still asking me for the account. As far as I know (checked on a working system), the account settings for CUC should not even be present in a jabber deployment that uses SSO.

 

The users for CUC are LDAP synchronized, if that makes any difference. I can also log into the CUC web inbox from a browser on the machine running the jabber client and I can't really see anything that look like blocked connections in wireshark.

 

Regards,

 

Hunor

1 person had this problem
Labels:
0 Helpful
16 Replies 16

Roger Kallberg
VIP
VIP

‎03-24-2022 10:07 AM - edited ‎03-24-2022 11:40 PM

Have you defined an AuthZ server in CUC? For more information on this please see this presentation from Cisco Live.



Response Signature


0 Helpful

Hunor Szombatfalvi
Level 1
Level 1
In response to Roger Kallberg

‎03-28-2022 03:20 AM

AuthZ server is defined and it's pointing to the CUCM Publisher

0 Helpful

b.winter
VIP
VIP

‎03-28-2022 03:12 AM

Is SSO also enabled in CUC?

What is your setting in the Service-profile for "Credential source for voicemail service"?

Did you enable oAuth in CUCM and / or CUC?

0 Helpful

Hunor Szombatfalvi
Level 1
Level 1
In response to b.winter

‎03-28-2022 03:41 AM

SSO is enabled both on CUCM and CUC

I tried everything for credential source settings, however, correct me if I'm wrong but with SSO enabled that setting should not actually make any difference?

oAuth is not enabled for either CUCM or CUC (might be something to try)

0 Helpful

brettlee77
Level 1
Level 1

‎08-10-2023 03:15 AM

Do you have any solution ? 
I have same issue

0 Helpful

Ibrahim AlQumairi
Level 1
Level 1

‎08-10-2023 04:15 AM

User Service Profile assigned to the User who is using Jabber - Credentials sources for VM as below screenshot:

VM.PNG

0 Helpful

brettlee77
Level 1
Level 1
In response to Ibrahim AlQumairi

‎08-10-2023 05:03 AM

I have same setting already and I still have Issue . Any thoughts ? I can’t find much in PRT

0 Helpful

b.winter
VIP
VIP
In response to brettlee77

‎08-10-2023 05:43 AM - edited ‎08-10-2023 05:45 AM

If it is not working, there must be something in the Jabber PRT.

Maybe your SSO in CUC is not working? Assign a user the "administrator role" and try to login into the CUC-administration GUI via browser from this user's PC.
If the login is working, SSO in CUC should be fine, if not, then SSO is not working.

If you are using CUC 12.5 or lower, you could also browse to "https://<CUC>/inbox" and check if you are logged in automatically via SSO.

Or disable SSO in CUC again and try to login with normal user / LDAP password (if you have LDAP authentication enabled).

0 Helpful

brettlee77
Level 1
Level 1
In response to b.winter

‎08-10-2023 05:53 AM

Basically only single user with MAC is facing issue , no other users are facing this issue.

That user can access the mailbox and CUC server from web browser. When user is entering password manually jabber connects to the voicemail server but it gives pop up that credentials are invalid and then changes have been detected please sign out. I am attaching the PRT , You help will be appreciated.

Jabber-Mac-14.1.3.307311-20230810_070640 (1).zip
0 Helpful

Roger Kallberg
VIP
VIP
In response to brettlee77

‎08-10-2023 06:12 AM

As it’s affecting only a single user it’s not very likely that there is any issue in the central part of the system landscape. What I would suggest is that you have the user login to a known working computer and check if he or she has the same issue. If not you’ve pretty much narrowed the problem down to be computer related and then you can focus on that part of troubleshooting.



Response Signature


0 Helpful

brettlee77
Level 1
Level 1
In response to Roger Kallberg

‎08-10-2023 06:32 AM

Hi Roger,

Totally makes sense , we have only 2 users in that particular location and one is using windows and another is using MAC. Both were having issues but suddenly Windows user is getting through but not mac user. This is very strange and configuration from our side is all ok.

 

0 Helpful

brettlee77
Level 1
Level 1
In response to Roger Kallberg

‎08-10-2023 08:01 PM

User tried on different issue but same user , checked from AD side as well but there is no issue with this user . I am not sure at this point what to do 

0 Helpful

Roger Kallberg
VIP
VIP
In response to brettlee77

‎08-10-2023 11:06 PM

Would you please mind to clarify what you mean by “User tried on different issue but same user”? It is not very clearly worded.



Response Signature


0 Helpful

brettlee77
Level 1
Level 1
In response to Roger Kallberg

‎08-11-2023 12:53 AM

Oh I’m really sorry for a typo I meant - User tried on different system but same issue faced , but we found the solution , not yet tested though but we added MRA profile in UC service profile and test user’s issue resolved , however we are using same uc profile for another they don’t have this issue . But I will keep you posted on this .

0 Helpful
Customers Also Viewed These Support Documents