cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
341
Views
0
Helpful
3
Replies
Highlighted
Participant

Change Password on Prime Collaboration Provisioning

Hi Guys,

 

I am trying to add an account for operational role. The privilege of the account is to change Jabber services only. So far I am able to add the account. The account is able to login and change Jabber services, as expected. But the person assigned to this role wanted to change the password. Since the account username is sync with AD, not generic account, the password is personal, cannot be shared.

 

On the Change Password menu, somehow I am unable to change the password, even though all the criteria is fulfilled. I thought this is a bug. So on the globaladmin I clicked on the Prompt User button, forcing the user to change password on the next logon, hoping for a different outcome. But the outcome was the same. I tried to remove the user from the role group then add the account again, but the outcome still the same.

 

Below is the error notification when changing password from inside PCP.

Error Change Password inside PCP.JPG

 

Below is the error notification when changing password on prompt mode.

Error Change Password on Next Logon.JPG

 

I have two questions:

1. When I cannot change the password even though all the criteria is fulfilled, is it a known bug?

2. How can I revert the change password prompt on the next logon?

 

My Prime Collaboration Provisioning version is 12.5.1862.

 

Thank you.

3 REPLIES 3
Highlighted
VIP Collaborator

I guess you cannot maintain the password from PCP.

for admins a local account must be present, but the the passwords are not synced,

the credentials are validated at AD by PCP sending a challenge to AD and get a success/error response

-> you must change the password in AD

Highlighted

Hi Pieter,

 

Somehow the AD password does not work on PCP. It said "Invalid Username or Password". In PCP, only the usernames are synced with AD, but not the passwords. This is the reason why I created local password. But with CUCM, I can login using my AD credential. Is this behavior normal in PCP and CUCM?

 

Thanks

Highlighted

look at this document Synchronizing Processors, Users, and Domains

the synchronizistion works the other way around

users are copied from call manager stored in PCP and (depending on sync type)  "put in AD"

 

There are three types of synchronizations in Prime Collaboration Provisioning:

  • Infrastructure Synchronization — Discovers all the objects in the device that Prime Collaboration  Provisioning uses and that are not specific to individual users. The infrastructure data are the configurations that are required to exist on the device before Prime Collaboration Provisioning can  configure user services.
  • User Synchronization — Discovers all objects related to individual users.
  • Domain Synchronization — Puts existing users discovered during user synchronization into the Domain

 

So my assumption was not correct and the password is sourced in a call manager or unity.

and to understand the situation you need to check what sync type is configured at your site.

and you need to check if synchronization is working periodically as described in the document.

you should also check that the call-manager ais NOT configured for external authentication with AD

 

The Cisco Unified Communications Manager password cannot be modified when the  Cisco Unified Communications Manager is configured to use external authentication

Content for Community-Ad