I am currently deploying CUCM 8.6 with CUP 8.6. The end users of CUP are synced to CUCM, which in turn synced to an OpenLDAP server. The synchronization is working properly i.e. users in CUCM also exist in CUP. However, when I tried to login into Jabber, it keeps giving me "Invalid Username/Password" error. I tried logging into Cisco Unified CM User Options (<ip address>/ccmuser) using the same credentials and succeeded. However, I failed to login to Cisco Unified Presence User Options (<ip address>/cupuser).
Have you restarted CUPS since enabling the LDAP Sync on CUCM?
Have you configured your CUPS attribute map? By default that's set up for AD, i.e. userid=samaccountname, but should be userid=uid (assuming you are using uid for ID in CCM). I'm not sure if that would affect login to the web page, but worth checking anyway.
Yes I have restarted CUPS to no avail
What do you mean by configuring CUPS attribute map? My current deployment is CUPS --syncs--> CUCM --syncs--> LDAP. From what I understand, I do not have to configure any attributes in CUPS as it will be automatically synced from CUCM
I mean in CUPS (Jabber/Settings menu).. like I say that may not have an impact on your issue, as you say it primarily syncs from CUCM - but I'm sure I've seen similar things when using alternate atts in AD (e.g. userid=telephonenumber).
OK - well... I guess now it's time to look at the logs.
Have you tried scanning the logs for instances of your username?
file search activelog / USERNAME recurs reltime minutes 10 ignorecase
That should flag up any files where your username appears, so you should see a reference to the auth attempt. Once you see that you'll know what files to look at to get more info.
Yes I managed to solve the issue. It turns out that my Presence server cannot reach the LDAP server (no network route) but my Call Manager server can reach the LDAP server. Once I added ip route, the issue is solved.
I had this exact same issue. Mine was due to a failover. Users were all moved to one server so about half were not working. In CUPS go to System -> Cluster Topology and expand the cluster. Look for Red Xs indicating an issue. Click one where it gives the number of assigned users. Do any say "Failed Over" and have that check box? The ones that do not likely are getting this message of invalid UN/PW. You can test this by pointing the jabber client directly at the working server (the server their name is not under in Cluster Topology). If this is your scenario look for errors and then try clicking the cluster to get "Subcluster Detail" page and click the "Failover" button on the server that has that option. The red X should disappear and the users should be on their subsequent server again and thus should be able to log in.