cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8670
Views
10
Helpful
17
Replies

LDAP over TLS CUCM 11.0

lambay2000
Level 2
Level 2

Hello,

I am facing issues with the authentication/Directory synchronization with secure LDAP on Microsoft AD with (TLS)  connection to CUCM. i dont have a SSL option i can see only TLS as soon i click on the save button the below message appears ,i have uploaded the AD server certificate in cucm tomcat-trust and restarted the tomcat service how i can troublshoot further. ,

Connecting to ldap://AD01.abc.com:636, java.net.SocketException: Unconnected sockets not implemented

17 Replies 17

Jaime Valencia
Cisco Employee
Cisco Employee

Have you tried restarting the tomcat service and then trying again??

HTH

java

if this helps, please rate

Dear Jaime,

yes i have restarted the whole server, i have a unity connection server 11.0  i am also syncing with AD over SSL it is syncing perfectly but authentication is not working over ssl ,  In CUCM the option found is TLS and not SSL though i understand TLS is enhance version of SSL but as soon as i click save it gives me the error.

Connecting to ldap://AD01.abc.com:636, java.net.SocketException: Unconnected sockets not implemented

Dear Eperts,

Any idea for authentication failing on port 636 TLS and also for the above error

thanks

i have the same problem after upgrading to cucm 11 seems to be a bug in Version 11.0(1a) and 11.0(1a)SU1.

after removing SSL Option and changing the port to 389 it works again.

Hi,

any news here?

I added ldap certs as tomcat-trust but without success.

Dear Paul,

I was facing this issue, the latest of 11.X has a bug fix,

thanks

Thanks for your answer.

Unfortunately I use an engineer special and can not update to 11.0.1.21900-11 :(

Another one of my team mates opened up a TAC case for ES to resolve this.  

Here is the bug:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux18865

-------------

Please rate helpful content (i.e. videos, documents, comments) so quality content shows at the top of people's search results. Also, please select the correct answer(s) if any comment(s) answers your question otherwise the question remains on the support forums as unanswered.

-------------

Thanks pkinane,

but 11.0(1.22023.1) seems to be again an ES?!

Indeed. I put the defect here so people can find it easily should they have this problem and find this thread.

hi all,

had the same issue with CUCM 10.5(2). If you use the FQDN for the server connection, then it will work. That was the solution tested in several 10.5.x and 11.x releases.

Regards

Torsten

The bug search tool article (updated on Mar 7, 2020) lists 'Known Fixed Releases' up to 11.5(1.10000.6).

Does that mean this bug is not fixed in version 12.5?

Or is it safe to assume that the bug is fixed in major versions after 11.5?

 

Thanks

 

Hi, I'm also experiencing this issue, with SHA-1 tomcat-trust certificates that worked just fine before the upgrade from 8.6.2. Removing SSL fixed the issue, but this is an inadequate workaround. Any news from your end?