Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7208
Views
25
Helpful
24
Replies

Selfcare portal Access for non-SSO local CUCM user

Naveen Subramaniam
Level 5
Level 5

‎06-17-2015 09:32 PM - edited ‎03-19-2019 09:42 AM

Dear All,

 

We are using SSO (Windows ADFS with AD) for most of the users, but some of them (e.g.non-staff) are configured as local user on CUCM as they are not AD users.

 

We understand this is now supported with version 10.x, however, it seems that we have some corner cases for the Self-care Portal and the Unity Connection integration in Jabber:

 

- Self-care portal seems to only authenticate via SSO, what is the way to authenticate CUCM local users?

 

- Jabber link into CUCN for visual voice-mail doesn't seem to be available, could you confirm?

 

For Administration, we will user Recovery URL who not have AD account (e.g. CUCMAdministrator)

 

For End User http://xx.xx.xx.xx/ccmuser - how to bypass if user not in AD ??

 

best regards,

Naveen

11 people had this problem
Labels:
0 Helpful
24 Replies 24

johannes.wendling
Level 1
Level 1
In response to Roger Kallberg

‎04-14-2021 12:07 AM

Hi Roger, here are three use cases for local users. There are probably more.

 

1) Most customers require the Active Directory users to change their password regularly. Therefore I often use a local end user on CUCM with a static password for testing. Also useful for Third Party devices where the authentication password would have to be changed on after every AD password change.

2) When there is a login issue, I need to test whether it's a general authentication issue on CUCM or if the issue is related only to SSO. This can be easily tested with a local user on the Self Care Portal.

3) I often use a local end user with an assigned CTI device to set the Forward All target of a directory number via Self Care Portal. There might be a group of several people, where one of them is on duty for a hotline for a week. With the local user, they can log in to Self Care Portal and set the forward for this hotline directory number to their mobile phone. Because the user is not synced with AD, I can set the password requirements on CUCM and they don't need to change it regularly.

Stephanie Knoop
VIP Alumni
VIP Alumni
In response to Roger Kallberg

‎01-21-2022 07:37 PM

Just implemented SSO last night and immediately learned that our local accounts could no longer log in. We use these for special OnCall scenarios.  A set of staff have the local account credential so they can log in and modify a remote destination profile for SNR, which is used to manage an on-call rotation.  My IT staff will not want to create AD service accounts for this purpose, as well as service accounts are in an OU that we do not sync to CUCM.

We have a similar Unity need where a group of staff use a local account to modify SMTP notification devices for an on call solution.


Response Signature
0 Helpful

Stephanie Knoop
VIP Alumni
VIP Alumni
In response to Roger Kallberg

‎01-22-2022 12:09 PM - edited ‎01-23-2022 03:55 PM

Thanks, Roger. That gives a clue that there is a mechanism for non SSO but certainly doesn't address the web apps for the user portal scene call manager and unity. I may open another TAC case next week and will let people know what I learn.


Response Signature
0 Helpful

Roger Kallberg
VIP
VIP
In response to Stephanie Knoop

‎01-23-2022 12:32 AM

Your welcome, I realised it doesn’t cover the aspects of your outline, but hopefully someone could be of help. However my name is not Robert.



Response Signature


Stephanie Knoop
VIP Alumni
VIP Alumni
In response to Roger Kallberg

‎01-23-2022 03:56 PM

Fixed up, @Roger Kallberg 


Response Signature
0 Helpful

Vinod16
Level 1
Level 1
In response to Stephanie Knoop

‎05-08-2022 02:14 AM

Hi  @Roger Kallberg  @Stephanie

 

Any workaround for local user to login self care portal if SSO enable in CUCM?

 

Thanks in advance.

0 Helpful

Roger Kallberg
VIP
VIP
In response to Vinod16

‎05-08-2022 07:28 AM

Not that I’m aware of.



Response Signature


devils_advocate
Level 7
Level 7

‎04-14-2021 12:42 AM

Absolutely, its number 3 for us but in a slightly different way.

We have several offices that have a single DDI number they want to route onto a hunt pilot to broadcast to several phones BUT they also want the ability to set incoming calls to VM manually if they are not going to be in the office etc.


We forward the DDI to the local end users extension and the users then login to the self care portal and either call forward to the hunt pilot or call forward to voicemail. Its not an elegant solution but it worked until we enabled SSO.

 

Thinking of ways round it, we are going to assign the existing local end users extension as an additional line button on their phones so they can at least do the call forward manually for now.

 

KirilIvanovWB
Level 1
Level 1

‎06-23-2022 11:36 PM

+1 for this request. My case is where there are phones in some service spaces that need to have their VM accessed with ability to change pin for example. Local accounts don't work for it now. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents