Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1399
Views
0
Helpful
7
Replies

Unable to sign in to CM Attendant Console, CCMUser pages: LDAP error

Go to solution
kknuckles
Level 1
Level 1

‎04-21-2015 06:20 AM - edited ‎03-17-2019 02:44 AM

We recently updated from 9.1.2.12901 to 9.1.2.13900. Once we finished updating, users are no longer to sign in to the CCMUser portal. Users who use the CM Attendant Console are also unable to sign in. We were able to sign-in appropriately prior to the upgrade. On the CCMUser portal, I am getting the following error:

'An LDAP Error has occurred. Retry the username and password. Contact your system administrator if the problem persists.'

 

I have made sure that the users who need it are assigned the Standard CCM User Role. I have also removed that role from my account, saved, then added it back and saved. No change.

Oddly enough, I can go into System-->LDAP-->LDAP Directory, perform a sync and it will pull in new users or remove users accordingly.

We use secure LDAP for Microsoft AD. All certificates are loaded to the system.

 

Any help would be much appreciated.

 

Kevin

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Shadi Shami
Level 7
Level 7
In response to kknuckles

‎04-22-2015 10:12 AM

Then we need to check the logs, please collected "Cisco Tomcat Security Logs" through RTMT covering the time of a login attempt.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Shadi Shami
Level 7
Level 7

‎04-21-2015 11:27 PM

Hello Kevin,

 

To isolate the issue, can you please create local user with Standard CCM User Role and test it?

 

Thank you,

Shadi

0 Helpful

Go to solution
kknuckles
Level 1
Level 1
In response to Shadi Shami

‎04-22-2015 06:22 AM

a local user works fine. Test user is able to sign in to the CCMUser portal with no issue.

0 Helpful

Go to solution
Shadi Shami
Level 7
Level 7
In response to kknuckles

‎04-22-2015 09:22 AM

Which means only active directory users affected.

We need to confirm if both LDAP sync and LDAP Authentication configured properly, can you please navigate into each one and hit click on save. And please confirm the configurations are correct.

 

1. system > LDAP > LDAP Directory: Click on save.

2. system > LDAP> LDAP Authentication: Click on save

0 Helpful

Go to solution
kknuckles
Level 1
Level 1
In response to Shadi Shami

‎04-22-2015 09:22 AM

Yes, these have been confirmed working.

0 Helpful

Go to solution
Shadi Shami
Level 7
Level 7
In response to kknuckles

‎04-22-2015 10:12 AM

Then we need to check the logs, please collected "Cisco Tomcat Security Logs" through RTMT covering the time of a login attempt.

0 Helpful

Go to solution
kknuckles
Level 1
Level 1
In response to Shadi Shami

‎04-22-2015 07:44 PM

In looking through the Tomcat Security Logs, it kept erroring out due to a FQDN/hostname mismatch in the certificate. I verified it as correct in the certificate. For the time being, after talking to TAC, we issued a 'utils ldap config ipaddr' to match on IP instead of FQDN. We'll revisit the security certificate issue at a later date when users won't be impacted by testing. Thanks for the nudge in the right direction.

0 Helpful

Go to solution
Shadi Shami
Level 7
Level 7
In response to kknuckles

‎04-22-2015 09:43 PM

Thanks for the update.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents