cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5402
Views
3
Helpful
8
Replies

LDAP Auth Error ccmuser web access

alfonso.cornejo
Level 3
Level 3

Hi,

I have a CUCM v9.1 with an issue for access to the ccmuser web page using the AD Credentials, I've configured the LDAP Auth in the CUCM with no error messages and also the web access for my users like this:

web_access.JPG

When I access the site http://cucm_ip_add/ccmuser first I get this message:

LDAP_error_2.JPG

After that I try to log into to the web page but I get this error:

LDAP_error_1.JPG

I have no issues importing the users, the problem is with the authentication.

I've checked the ldap port and I'm not using global catalog so the correct one is 389 (tried 3268 and I got an error message from the cucm ldap authentication config page).

Any ideas guys??

Thanks in advance.

1 Accepted Solution

Accepted Solutions

Are you sure you're pointing to the right OU for auth??

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

View solution in original post

8 Replies 8

Jonathan Schulenberg
Hall of Fame
Hall of Fame

One commone one is that CUCM treats the username field as case sensitive. Does it have any upper case characters? You can see this within /ccmadmin under End User Configuration.

If that's not it, either a Wireshark of the LDAP bind or a stare/compare between your sync agreement and the auth config to see why one can get the user object but the other cannot bind as that person.

Please remember to rate helpful responses and identify helpful or correct answers.

Hi Jonathan,

Thanks for the reply, I tried with the upper case characters of the user id but I got the same result "An LDAP error has ocurred".

Besides the Wireshark part, what else do you think I can try???

Regards,

Are you sure you're pointing to the right OU for auth??

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

Thanks alot Jaime!!!

Tha was the issue, the OU was not the "root" OU in the AD.

Everything is working now!!

If I need to troubleshoot the LDAP sync/auth, I will leverage either Apache Directory Studio or Softerra LDAP Browser to verify parameters. Both of these tools are free and fairly robust. You should be able to talk to the DC or DC/GC server from the data access networks.

Anyway, I verify the configurations that are supposed to be used by CUCM from the LDAP client (Apache or Softerra). Once verified then I will test again from UCM. If you still have an issue then you may have a security layer issue.

HTH.

-Bill

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

Hi William,

Thanks for the reply

Rejohn Cuares
Level 4
Level 4

Try restarting the LDAP service in CUCM.

Test it using Apache LDAP browser.

Please rate replies and mark question as "answered" if applicable.

Please rate replies and mark question as "answered" if applicable.

Hi rr_cuares,

Thanks for the reply