I have a customer that is running Microsoft LDS as the directory source for their Cisco Unified Communications environment. It has taken a fair amount of effort to implement their voice environment due to LDS. As a final requirement of the project, we needed to implement Jabber on iPhone. After much testing, we could only get the directory lookup to work using the Jabber Voice client and not the new Jabber 9.5 that combines IM and Voice. After starting a TAC case and eventually getting the feedback from Cisco that LDS is not currently supported as a directory source for Jabber 9.5 for iPhone, I decided to perform more testing and Wireshark traces to get to the bottom of the issue. To help out the few unlucky people who have to implement with Microsoft LDS, I thought I would share a working configuration for my environment.
CUCM 8.6(2a) SU2
Presence 8.6(4)
Jabber iPhone 9.5
Microsoft LDS for Directory Lookup
SSL for Windows Jabber
SSL not supported/working for iPhone Jabber
<BDIBaseFilter> can't be configured. If it is configured, iPhone Jabber sends (objectCategory=person), which is not valid in MS LDS, so make sure not to include the base filter. In contrast, Jabber for Windows requires <BaseFilter>, as I have below, in order to work correctly.
Here is a working Jabber-Config.xml directory section for Jabber Windows 9.6 and iPhone 9.5. I hope this helps those who ran into the same problems as I did and couldn't get support from TAC for a solution.
<Directory>
  <!-- LDAP Directory configuration for Windows platform clients -->
  <PrimaryServerName>ldsserver.domain.com</PrimaryServerName>
  <ServerPort1>636</ServerPort1>
  <UseSSL>1</UseSSL>
  <UseWindowsCredentials>0</UseWindowsCredentials>
  <ConnectionUsername>CN=Jabber Search,DC=LDS,DC=cisco,DC=com</ConnectionUsername>
  <ConnectionPassword>password</ConnectionPassword>
  <!-- 0 = simple bind; UseSSL above is what encrypts the bind credentials -->
  <UseSecureConnection>0</UseSecureConnection>
  <BusinessPhone>ipPhone</BusinessPhone>
  <OtherPhone>telephoneNumber</OtherPhone>
  <SearchBase1>DC=LDS,DC=cisco,DC=com</SearchBase1>
  <!-- The ampersand must be escaped as &amp; or the file is not well-formed XML -->
  <BaseFilter>(&amp;(objectCategory=*))</BaseFilter>
  <PredictiveSearchFilter>cn,sn</PredictiveSearchFilter>
  <!-- LDAP Directory configuration for non-Windows platform clients -->
  <BDIPresenceDomain>domain.com</BDIPresenceDomain>
  <DirectoryServerType>BDI</DirectoryServerType>
  <!-- BDILDAPServerType= AD (default) or OpenLDAP -->
  <BDILDAPServerType>OpenLDAP</BDILDAPServerType>
  <BDIPrimaryServerName>ldsserver.domain.com</BDIPrimaryServerName>
  <!-- SSL did not work for iPhone Jabber here, so this bind runs over plain LDAP on 389
       and the search account's DN and password cross the network unencrypted -->
  <BDIEnableTLS>0</BDIEnableTLS>
  <BDIServerPort1>389</BDIServerPort1>
  <BDIConnectionUsername>CN=Jabber Search,DC=LDS,DC=cisco,DC=com</BDIConnectionUsername>
  <BDIUserAccountName>cn</BDIUserAccountName>
  <BDIConnectionPassword>password</BDIConnectionPassword>
  <BDIBusinessPhone>ipPhone</BDIBusinessPhone>
  <BDIOtherPhone>telephoneNumber</BDIOtherPhone>
  <BDISearchBase1>DC=LDS,DC=cisco,DC=com</BDISearchBase1>
  <BDIUseANR>false</BDIUseANR>
  <!-- No BDIBaseFilter on purpose: see the note above the config -->
  <BDIPredictiveSearchFilter>cn,sn</BDIPredictiveSearchFilter>
</Directory>
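
The following is an added example, not part of the original post or of any Cisco tooling: a small pre-deployment check that parses a Directory section and reports the problems described above (a configured BDIBaseFilter, a missing BaseFilter, a filter with an unescaped ampersand) plus any bind password configured without SSL/TLS. The function name audit_directory, the sample XML, and treating "1" or "true" as "enabled" are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the Directory section above (placeholder host and password).
SAMPLE = """<Directory>
  <PrimaryServerName>ldsserver.domain.com</PrimaryServerName>
  <ServerPort1>636</ServerPort1>
  <UseSSL>1</UseSSL>
  <ConnectionPassword>password</ConnectionPassword>
  <BaseFilter>(&amp;(objectCategory=*))</BaseFilter>
  <BDIEnableTLS>0</BDIEnableTLS>
  <BDIServerPort1>389</BDIServerPort1>
  <BDIConnectionPassword>password</BDIConnectionPassword>
</Directory>"""

ENABLED = ("1", "true")  # assumption: values treated as "on" for UseSSL / BDIEnableTLS


def audit_directory(xml_text):
    """Return a list of findings for a jabber-config.xml <Directory> section."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A raw '&' in a filter (instead of &amp;) ends up here.
        return [f"not well-formed XML: {exc}"]
    directory = root if root.tag == "Directory" else root.find(".//Directory")
    if directory is None:
        return ["no <Directory> section found"]

    def val(tag):
        return (directory.findtext(tag) or "").strip().lower()

    findings = []
    if directory.find("BDIBaseFilter") is not None:
        findings.append("BDIBaseFilter is set; the post reports this breaks iPhone lookups against LDS")
    if not val("BaseFilter"):
        findings.append("BaseFilter is missing; the post reports Jabber for Windows needs it")
    if val("BDIConnectionPassword") and val("BDIEnableTLS") not in ENABLED:
        findings.append("BDIConnectionPassword is configured but BDIEnableTLS is off")
    if val("ConnectionPassword") and val("UseSSL") not in ENABLED:
        findings.append("ConnectionPassword is configured but UseSSL is off")
    return findings


if __name__ == "__main__":
    for finding in audit_directory(SAMPLE):
        print("-", finding)
```

On the sample, the only finding is the BDI bind password without TLS, which matches the iPhone limitation noted above; if that limitation has to be accepted, the search account should be a dedicated, read-only one.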