cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8777
Views
31
Helpful
15
Replies

Unity Connection - CUCM PIN synchronization is not enabled due to HttpsURLConnection response code: 401 : Unauthorized

Laszlo Olah
Level 1
Level 1

Dear Coleagues,

I would like to setup the PIN synchronization between CUC and CUCM, but when I click to Enable End User Pin Synchronization on the Application Server Configuration page I got this error: 

Pin synchronization is not enabled due to HttpsURLConnection response code: 401 : Unauthorized

I have done the followings:

  • Started the AXL on CUCM
  • Created a new AXL related application user with Standard AXL API Access on CUCM
  • Imported the CUC tomcat certificate into the CUCM cert store as tomcat trust
  • Setup CUC as an Application server on CUCM with AXL application user
  • Setup CUCM under Telephony intergrations - Phone System - AXL Server on CUC (with the AXL application user credentials, SSL enabled and PIN sync)
  • Setup end users with primary extensions
  • Imported the users from CUCM

Is there anything I missed? Do I need to grant more privileges to the AXL application  user?

Thanks,

Laszlo

1 Accepted Solution

Accepted Solutions

I show the whole procedure in the video, I suggest you make sure everything is configured properly.

HTH

java

if this helps, please rate

View solution in original post

15 Replies 15

Jaime Valencia
Cisco Employee
Cisco Employee

I don't see listed that you imported the CUCM cert into CUC

https://youtu.be/p6m4gPv0ikE

FYI, this works for LDAP or AXL users, you don't have to use AXL integration to CUCM for this to work.

HTH

java

if this helps, please rate

Hi! Thanks for the hint, but unfortunately it did not solve the problem.

I show the whole procedure in the video, I suggest you make sure everything is configured properly.

HTH

java

if this helps, please rate

I had to create an CUC app user with admin privileges and then use it during the Application server setup on CUCM.

Thanks for the video,

Laszlo

Hi Laszlo...

Thanks for this....i did work for me as well.....creating the CUC admin user to match the user from Application Server on CUCM.

Agreed. 

In In my case, the AXL test passed on the telephony integration page without having the CUC user created.  But whenever I tried to enable the PIN sync checkbox in UCM, I would get the error:   "Pin synchronization is not enabled due to HttpsURLConnection response code: 401 : Unauthorized.”  Bunch of TAC case hits point to the following:

 For PIN synchronization to work, a user account (doesn't need to have a mailbox) must be configured in Unity with a password. This user account's alias and password must match that of whatever application user is configured on the Unity Connection server under System>Application Server in CUCM. If the alias and or password doesn't match, the following error is thrown in CUCM when enabling PIN synchronization checkbox: "Pin synchronization is not enabled due to HttpsURLConnection response code: 401 : Unauthorized"

So if you create a dedicated AXL application user it must be defined in three places:

UCM Application User:  CUC-AXL-User (AXL Role)

CUC User: CUC-AXL-User (No Mailbox, administrativetemplate)

CUC AXL Telephony Integration Page:  CUC-AXL-User

of course passwords should match in all three places.

Works for me !!! Many Thanks!

Hello Jaime,

can you list the steps required to download the certificate from CUC?

it's not clear in the video how you've done it...

Go to OS admin, find the tomcat certificate, click on it, click on download

HTH

java

if this helps, please rate

just to make sure that we are talking about the tomcat and not tomcat-trust certificate right?

Do i download it as .PEM or .DER? or it doesn't matter?

Yes, you need the server certificate.

It shouldn't matter, I usually use .pem

HTH

java

if this helps, please rate

i've done this but it's still not working... i deleted the app server and recreated again with no problem resolution. i'm getting the error:

Pin synchronization is not enabled due to Certificate not verified.

i will open a TAC case.

Not the real answer, see answer below by R. Clayton Miller Cisco Employee Cisco Employee
‎07-26-2017 09:53 PM because that is indeed the answer. You have to configure the user in 3 places, not two. Create a user and password combination, put in CUCM in one place (Application User) and then in CUC in two places (AXL and a admin user) to configure.

My theory: AXL is a one way thing, so if the user changes their PIN on CUC then AXL would be used by CUC to push the PIN to CUCM. If the user changes the PIN on CUCM then the CUC Administrative user is used to push it by CUCM to CUC. What Cisco needs to do is add a username and password option under the CUCM | System | Application Servers page for the third user field.

Hola Jaime, no he podido ver tu video, dice que lo han quitado de youtube por que la cuenta de YT ya no existe, puedes subirlo a otra plataforma de streaming? o re subirlo a YT por favor

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: