cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7609
Views
5
Helpful
6
Replies

LDAP Directory Error

phamvinhdat
Participant
Participant

I just set up Windows 2003 domain controller to use for LDAP Directory with CUCM 8.5, but I am running into error:

Error while Connecting to ldap://xxx.xxx.xxx.xxx:389, null

What should I checked for from either CUCM or Windows 2003? I try to look into real time log but could not find anything on this error.

Thanks.

Dat Pham

1 Accepted Solution

Accepted Solutions

Two thoughts:

  1. What are you using for a Search Base string? The default Users container violates a LDAP rule because you address it using CN= while a normal OU container would be OU=
    Examples:
    • CN=Users,DC=domain,DC=com
    • OU=People,DC=domain,DC=com
  2. If you use another LDAP tool such as AD Explorer and connect with the same user credentials CUCM has, are you able to read user objects and attributes in the new OU you created? Perhaps the inherited permissions are denying access to the new container.

View solution in original post

6 Replies 6

If the Windows 2003 server is a Global Catalog server the port would be 3268, not 389. Have you checked this?

I tried with the default Users OU and it is working ok, but not the newly created OU. I also have tried port 3268, and it still the same issue. I will have to try some different OU and see how that goes.

Thanks.

Dat Pham

Two thoughts:

  1. What are you using for a Search Base string? The default Users container violates a LDAP rule because you address it using CN= while a normal OU container would be OU=
    Examples:
    • CN=Users,DC=domain,DC=com
    • OU=People,DC=domain,DC=com
  2. If you use another LDAP tool such as AD Explorer and connect with the same user credentials CUCM has, are you able to read user objects and attributes in the new OU you created? Perhaps the inherited permissions are denying access to the new container.

Jonathan,

Thanks for the pointer, LDAP Directory is working good now.

Dat

5 points Jonathan.  Logging in via AD Explorer also helped clarify what the distinguished name and search base should be in exact format since I could see them in the actual AD.

Thanks!!!

Ad Explorer was the only way I could find out how to get the LDAP working with my CUCM!

Thanks, great thread!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers