I'm not able to log from MRA using my E-mail address. How to resolve it?
My account is email@example.com (it is my domain in local, not resolved on internet)
My email(URI) address is Antra.Antra@internetresolvabledomain.com
If I'm login from internet using my Active Directory ID combined with my external domain internetresolvabledomain.com, i.e firstname.lastname@example.org, then it succeed.
But if I'm using my e-mail address, it cannot be authenticated because the Expressway remove the domain, then ask the CUCM about the authentication.
Question: How can I tell the Expressway-C that this domain is an e-mail (URI) address of my account iantra123?
And tell the Expressway-C to not remove this domain for the authentication?
Solved! Go to Solution.
Not sure I'm following how you have this configured, but not being able to login with your email (unless that is exactly the same as your JID) is the expected behavior, you can login internally using your JID or email (the email will automatically be mapped to your JID), but from the outside, you can only use your JID.
If your email and your JID are NOT the same, that is expected not to work.
If I understand, the expressway cannot do the automatic mapping of e-mail to the JID, like Jabber do. Right or not?
Jabber get the e-mail from the first login field, then it search the domain, then search correct owner of the e-mail toward the CUCM (or the IMP ?)
Thank you very much.
I suggest Expressway team to add this feature on their future version. :-)
I paste here the link about the MRA call flow that I've found in this forum a
only a question about this: would it works with Expressway 8.10 and CUCM 12.1 to login with the email address from outside?
We use UDS at this time and will probably habe some change in the next future e.g. change domains: I'm wondering if it make sense to use the same domain inside and outside the company (split DNS), maybe would be the best user experience for the Jabber user, in particular at the forst login.
But I would not like to change from UDS to EDI...if possible.
I've been struggling with this kind of deployment too for long time... I always wanted to be able to login with the mail whether I'm inside or outside of the corporate network, I think it's much more intuitive and seamless for end users!
But the problem is the following: Expressway Core will send the request to UCM to authenticate the user and it seems UCM only tries to make your login match with the userID field. So in the Core logs, you will see those logs:
User="('username', 'xxxxxxxx')" Reason="Unable to determine home CUCM" Reason="No home cluster found for user" UTCTime="2019-02-05 08:29:21,186"
The only way to be able to make it work is:
- either be lucky and have a match between the sAMAccountname and the user portion of your mail ^^ (which is rarely the case)
- or map the cisco userID field to the mail address for the dirsync.
I have tested the 2nd solution and it works. But using the mail address as a userID might lead to some side effects. Especially for login into EM (imagine an end user that has to enter his/her mail as an ID...) unless you deploy UCMv12 and use something else as an ID.