
CUCM - LDAP Problem

jotaanne
Level 1

Hello Guys,

We have a CUCM Cluster with Version 12.0.1.22900-11 and we are having problems synchronizing our AD with our CUCM. I tried to sync and it supposedly syncs immediately but in reality it is not syncing.

I send the log file here so someone can try to help.

I already tried stopping and starting DIRSYNC and it still doesn't work.

 

9 Replies

You may have hit the bug CSCuz91655. Your version of CUCM is not on the "fixed in version" list. Check with TAC.

Exception while performing sync using secure port in LDAP directory page: https://bst.cisco.com/bugsearch/bug/CSCuz91655

Unfortunately, the fix seems to be to upgrade or disable secure LDAP.

Maren

Thank you for the fast reply Maren,

Is there a way to only disable secure LDAP for Call Manager? We only work with secure LDAP, so I need a way to just have the Call Manager without secure LDAP, or another solution without upgrading the CUCM or disabling secure LDAP, if one exists.

 

If you mean is there a way for MS-AD to selectively allow non-secure LDAP connections, I don't know. Someone else here may know, but you may have better luck posting that query in a Microsoft forum.

I would check with TAC first, regardless, in case my analysis is incorrect.

Maren

Vaijanath Sonvane
VIP Alumni

Hi @jotaanne,

Was this setup working before? Are there any changes made to the environment that broke the synchronization?

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

Yes it worked! I really don't know. I only know that we started using Secure LDAP in our AD and TLS v1.3.

Hi @jotaanne,

CUCM 12.0 supports TLS 1.0, TLS 1.1, and TLS 1.2.

TLS version 1.3 is only supported in CUCM Release 15SU2 onwards.

In this case you have three options:

  1. Update your LDAP to allow earlier TLS versions
  2. Update your LDAP to allow non-secure connection from CUCM
  3. Upgrade your CUCM to 15SU2

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.
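
An added example, not part of the original thread and not Cisco tooling: a Python probe that checks which TLS versions an LDAPS endpoint accepts and intersects them with the CUCM 12.0 set listed in the reply above. Port 636, the host argument and the function names are assumptions.

```python
import socket
import ssl
import warnings

# Client-side protocol set for CUCM 12.0, as stated in the reply above.
CUCM_12_0 = {"TLSv1", "TLSv1.1", "TLSv1.2"}

VERSIONS = {
    "TLSv1": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}

def probe(host, port=636, timeout=5.0):
    """Attempt one handshake per TLS version; return {name: accepted}."""
    results = {}
    for name, version in VERSIONS.items():
        try:
            ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
            # Protocol probe only: certificate trust (tomcat-trust on CUCM)
            # is a separate check, so verification is off for this test.
            ctx.check_hostname = False
            ctx.verify_mode = ssl.CERT_NONE
            with warnings.catch_warnings():
                warnings.simplefilter("ignore", DeprecationWarning)
                ctx.minimum_version = version
                ctx.maximum_version = version
            with socket.create_connection((host, port), timeout=timeout) as raw:
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    results[name] = tls.version() == name
        except (ssl.SSLError, OSError, ValueError):
            # Refused by the server, or by the local OpenSSL policy
            # (recent builds often reject TLS 1.0/1.1 on the client side).
            results[name] = False
    return results

def usable_versions(server_results, client_versions=CUCM_12_0):
    """Versions both the directory server and the client can negotiate."""
    return sorted(v for v, ok in server_results.items() if ok and v in client_versions)

if __name__ == "__main__":
    import sys
    host = sys.argv[1]  # assumed: FQDN of the directory server to check
    seen = probe(host)
    print(seen, "-> usable by CUCM 12.0:", usable_versions(seen) or "none")
```

If the server accepts only TLSv1.3, `usable_versions` returns an empty list, which is the situation the three options above address.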

Sorry for the misunderstanding. I went to talk to those responsible for our LDAP and they say they are using TLS v1.2 or higher. So, that's supposedly not the problem. IDK

Edward Lau
Level 1

Have you confirmed the certificates of the LDAP server(s) are trusted by the UCM (tomcat-trust)?

Yes and they are.