05-23-2016 11:35 AM - edited 03-18-2019 05:58 AM
Hello Guys,
I'm deploying a MRA solution and I'm getting a credentials issue when I'm trying to connect to jabber through Expressway.
Expressway version is 8.7.1.
CUCM and IM&P: 10.5.2.12901-1
I already checked that the password and username were correct on my LDAP server.
Any idea?
05-23-2016 06:26 PM
Hi ,
try to check the same credentials by logging through self care portal.
regds,
aman
05-23-2016 11:46 PM
Hi,
this issue is not related to LDAP authentication it look like some UDS and Cuplogin records issue .
Can you please clarify before its working ?
This is new or old setup ?
05-24-2016 07:05 AM
I already checked with the self-care portal and it worked.
This is a new setup.
I configured in mi internal DNS both srv records _cisco-uds and cuplogin with the following information:
Priority=10
Weight=10
Port=8443
SRV Hostname: cucm-name.domain.com (UDS) and imnp-name.domain.com (cuplogin).
I checked on Expressway C which is solving and getting both srv records.
05-24-2016 08:09 AM
I am just guessing :
We came across Case-sensitive issue with no LDAP being used and Jabber version was 10.5. Finally turned out to be a bug:
05-26-2016 07:32 AM
Ok but in this case my Jabber version is 11.1.2.
Otherwise I'm having the following message on expressway c Logs:
2016-05-26T10:08:03-04:00 | edgeconfigprovisioning: Level="WARN" Service="ECS" Detail="Request failed" User="('username', 'a.martinez')" Reason="Unable to determine home CUCM - Unknown CUCM cluster for node da-ve-ccs-cucm-sub" UTCTime="2016-05-26 14:08:03,421" |
05-26-2016 01:57 PM
Hey Guys,
Problem was solved. I did a downgrade to Expressway version from 8.7.1 to 8.7.
CUCM and IM&P version: 10.5.2.12901-1
Just for your information I did another implementation and everything works fine but in this case the versions were different:
Expressway: 8.7.1
CUCM and IM&P: 11.0.1.21900
Thanks for you support
05-26-2016 04:46 PM
One change noted in the X8.7 release notes is that X8.7.1 no longer allows TLS connections to use the RC4 cipher. X8.7.2 and above will also reject keys with fewer than 1024 bits when doing Diffie-Hellman key exchange. SO, it could be these issues affecting that particular deployment depending on how your other equipment is configured.
Wayne
Please remember to mark helpful responses and to set your question as answered if appropriate.
05-24-2016 07:20 AM
I configured both SRV records (UDS and cuplogin) on my internal DNS with the following information:
Weight:10
Priority:10
Port:8443
SRV: cucm-name.domain.com (UDS) and imnp-name.domain.com (cuplogin)
I checked on Expressway C which is solving and getting both records.
So what other thing I have to check?
05-23-2016 09:56 PM
Check that your Expressway(s) are also set to proxy the authentication request across their traversal zones back to the authentication source.
Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.
Please remember to mark helpful responses and to set your question as answered if appropriate.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide