Solved: Re: Unity Connection 7.1.2, IMAP with LDAP integration issues

sfreeberg595 · ‎11-24-2009

I have a new UCON 7.1.2 server that is intgrated with AD for users and authentication. I was able to import all of my users without any issues and when I setup an IMAP account for testing I used a non-domain user with a local UCON password. This worked fine without any issues. I was also able to add roles to imported users so that they could administer UCON.

I cannot get IMAP to work for any user that was imported from Active Directory. Has anyone run into this issue before? Is there anything special that I need to do in order for these AD users to be able to access UCON via IMAP?

These users can login to the Cisco PCA site without any issue.

Thanks,

Steve

Jaime Valencia · ‎11-24-2009

A couple of weeks one of my customers run into a similar issue, everything done by the book and it would still fail. Disabled auth and still failed. PCA also worked with/without auth enabled.

He just went into the COS and disabled IMAP, save, enable IMAP, save and it started working.

We also restarted a couple of times the IMAP service during the process.

It's worth a shot, also CUC 7.1(2).

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

View solution in original post

Ginger Dillon · ‎11-24-2009

Hi Steve -

My first thought is did you put these users in a class of service that has IMAP enabled? Do you have IMAP enabled in your UC license file(s)? Here is the step by step guide link - http://www.cisco.com/en/US/docs/voice_ip_comm/connection/7x/administration/guide/7xcucsag175.html, just in case you don't have this reference. You did not mention the error they are getting, so perhaps the guide will be of some assistance!

Sincerely,

Ginger

Jaime Valencia · ‎11-24-2009

A couple of weeks one of my customers run into a similar issue, everything done by the book and it would still fail. Disabled auth and still failed. PCA also worked with/without auth enabled.

He just went into the COS and disabled IMAP, save, enable IMAP, save and it started working.

We also restarted a couple of times the IMAP service during the process.

It's worth a shot, also CUC 7.1(2).

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

sfreeberg595 · ‎11-25-2009

Java,

That is messed up!!

I disabled IMAP on the COS and then re-enabled it. Now the AD integrated accounts work for IMAP access, but no the non-AD accounts cannot access UCON via IMAP.

Also, the AD accounts cannot access CiscoPCA but the non AD accounts can without issue.

Does UCON have a limitation that will not allow accounts both AD integrated and non AD integrated on the same system?

Also, why would IMAP authentication for the user pass but "login failed" for Cisco PCA?

Thanks,

steve

m-fletcher · ‎11-12-2010

I had this issue after I had to change the LDAP user account/password that is used for LDAP syncing.

After I changed the LDAP password, the IMAP authentication fails. All other authentication (PCA, admin login etc) works fine.

To fix it I simply had to stop/start the IMAP service on both the servers in my CUC cluster.

I suspect the IMAP service might cache the LDAP credentials for authentication lookup. Unlike the other Unity services, it seems to need a kick in the pants to start using the new corrected LDAP account and/or password.