Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1442
Views
1
Helpful
3
Replies

UCCX 7.0.1 LDAP Sync Issues

Go to solution
R M
Level 1
Level 1

‎08-22-2017 06:30 AM - edited ‎03-14-2019 05:32 PM

I'm troubleshooting an issue with UCCX 7.0.1 HA (I know it's EOL and needs to be upgraded. That project is in the works).

 

Synchronizing Directory Services in CDA is consistently returning an error, CDAUI2082 At least one error has occurred during the manual synchronization of directory services. Contact technical support  
.

 

When I bind to LDAP and look at ou=Company>lcc=Call Center 1>ou=Agents, I see thousands of objects. User accounts are present that have been deleted from CUCM and UCCX long ago.

 

Is it normal for UCCX LDAP to retain these objects after they've been deleted from CUCM and UCCX?

 

New agents can be added and appear in LDAP. The problem is updating them in CDA (changing Work Flow Groups) is no longer functional. The following error is displayed in CDA: CDAUI2050 An LDAP error has occured. Contact technical support.  

Does anyone know if the LDAP objects for deleted CUCM/UCCX users are retained by design? Am I hitting a bug?

 

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
R M
Level 1
Level 1

‎09-05-2017 09:52 AM

FIXED!

 

I noticed the following lines in my WebAdmin logs/debugs in C:\Program Files\Cisco\Desktop\Log:

 

 

2017-08-28 08:40:21,565 ERROR WEBADMIN2001 An ERROR has occurred while processing the request. Type of Exception: com.spanlink.caf.ldap.LDAPException. Error Message: empID=Jack/Jill,ou=Agents,lcc=Call Center 1,ou=Company,o=Spanlink Communications.

2017-08-28 08:40:21,565 ERROR WEBADMIN2000 ERROR: Type of Exception: com.spanlink.caf.common.exception.CAFException. Error Message: CDAUI2050 An LDAP error has occured. Contact technical support..

2017-08-28 08:47:05,452 ERROR WEBADMIN2000 ERROR: Type of Exception: com.spanlink.caf.common.exception.CAFException. Error Message: CDAUI2082 At least one error has occurred during the manual synchronization of directory services. Contact technical support.

 

 

 

I highlighted the problem. The user Jack/Jill was created in CUCM. The account was imported into UCCX and caused LDAP to stop synchronizing. Even after deleting the account from CUCM, the object was still present in the UCCX LDAP.

 

It was necessary to edit C:\Program Files\Cisco\Desktop\bin\slapd.conf to reset the LDAP root user password. I commented out the old password hash and inserted the line with the new one:

 

 

# Root user password

# Old Password = ?

# rootpw    {SSHA}qTp612HSRZ9HX7ICW95TCAOOnVNacOK6

# New Password = test

rootpw    {SSHA}9DgilxbKtDVpSW86NjCzcnUkuBtzYWx0

(Credit: Anthony Holloway: https://supportforums.cisco.com/t5/contact-center/accessing-ipcc-express-spanlink-ldap-directory/td-p/1135070)

 

 

I then restarted the Cisco Desktop LDAP Monitor Service on both the Master and Slave.

 

After this, I was able to bind to LDAP using Jarek Gawor’s LDAP Browser/Editor v2.8.2

 

User DN: cn=Spanlink,ou=People

Password: test

 

I deleted the user object empID=JackVJill from under ou=Company>lcc=Call Center 1>ou=Agents. I couldn't rename or otherwise edit the user.

 

Now everything is working as it should: CDAUI0001 Transaction successful.  

 

I hope this helps someone! Be extremely cautious if you're attempting this! I didn't run into any problems during the fix.

 

 

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Deepak Rawat
Cisco Employee
Cisco Employee

‎08-23-2017 12:23 PM

This is working as designed that the objects will be retained in LDAP DB, infact the objects do not delete even from the UCCx DB it is just that they become invisible on CCX Administration and marked as Active status to False in the DB. This is done from a perspective that if you need to run historical report for a user who worked for a company at some point but later left and now you need to run the report due to some legal obligation. Now coming to your problem try restarting Cisco Desktop sync Service and LDAP monitor service followed by manual directorysync on CDA and then try changing the workflow group.

regards
Deepak
(Please Rate Helpful Posts)

Go to solution
R M
Level 1
Level 1
In response to Deepak Rawat

‎08-24-2017 12:28 PM

Thanks for the reply!

 

I've restarted the sync services and even gone as far as to restart the both servers. The issue persists. One thing I did notice is that the manual sync fails at exactly 2 minutes every time. I believe I have a timeout problem on my hands, but can't find the parameter in the configuration. The registry and config files show nothing that would indicate a 2 minute timeout.

 

We've had a total of 4200+ agents in this system since we rolled it out. Agents that have been in the system for a while can have their work flow groups changed. It's only new agents that won't let me change that attribute.

 

Is there any place I may have overlooked this 2 minute timeout parameter?

 

Thanks, again!

0 Helpful

Go to solution
R M
Level 1
Level 1

‎09-05-2017 09:52 AM

FIXED!

 

I noticed the following lines in my WebAdmin logs/debugs in C:\Program Files\Cisco\Desktop\Log:

 

 

2017-08-28 08:40:21,565 ERROR WEBADMIN2001 An ERROR has occurred while processing the request. Type of Exception: com.spanlink.caf.ldap.LDAPException. Error Message: empID=Jack/Jill,ou=Agents,lcc=Call Center 1,ou=Company,o=Spanlink Communications.

2017-08-28 08:40:21,565 ERROR WEBADMIN2000 ERROR: Type of Exception: com.spanlink.caf.common.exception.CAFException. Error Message: CDAUI2050 An LDAP error has occured. Contact technical support..

2017-08-28 08:47:05,452 ERROR WEBADMIN2000 ERROR: Type of Exception: com.spanlink.caf.common.exception.CAFException. Error Message: CDAUI2082 At least one error has occurred during the manual synchronization of directory services. Contact technical support.

 

 

 

I highlighted the problem. The user Jack/Jill was created in CUCM. The account was imported into UCCX and caused LDAP to stop synchronizing. Even after deleting the account from CUCM, the object was still present in the UCCX LDAP.

 

It was necessary to edit C:\Program Files\Cisco\Desktop\bin\slapd.conf to reset the LDAP root user password. I commented out the old password hash and inserted the line with the new one:

 

 

# Root user password

# Old Password = ?

# rootpw    {SSHA}qTp612HSRZ9HX7ICW95TCAOOnVNacOK6

# New Password = test

rootpw    {SSHA}9DgilxbKtDVpSW86NjCzcnUkuBtzYWx0

(Credit: Anthony Holloway: https://supportforums.cisco.com/t5/contact-center/accessing-ipcc-express-spanlink-ldap-directory/td-p/1135070)

 

 

I then restarted the Cisco Desktop LDAP Monitor Service on both the Master and Slave.

 

After this, I was able to bind to LDAP using Jarek Gawor’s LDAP Browser/Editor v2.8.2

 

User DN: cn=Spanlink,ou=People

Password: test

 

I deleted the user object empID=JackVJill from under ou=Company>lcc=Call Center 1>ou=Agents. I couldn't rename or otherwise edit the user.

 

Now everything is working as it should: CDAUI0001 Transaction successful.  

 

I hope this helps someone! Be extremely cautious if you're attempting this! I didn't run into any problems during the fix.

 

 

 

0 Helpful
Customers Also Viewed These Support Documents