LDAP Integration issue- MeetingPlace Express 2.1.1.2
Hello ,
I have sucessfully installed Cisco Unified MeetingPlace Express 2.1.1.2
i can able to make audio/web conf .but i am unable to integrate with LDAP
while i am testing LDAP configuration i am getting below error
" Error while testing AXL configuration. Cisco Unified Communications Manager
is not available "
attached LDAP conguration and error
It would be great if any one can help me on this .
Thanks ,
Sam
Thanks Java ,
The same document i followed for LDAP confguration .
previously it was working for few time .
RTMT logs i can able to see MPX contacting to CUCM .
Attacehd the RTMT AXL /MPX logs
Thanks ,
Sam
Similar Messages
-
Hi Experts,
I am new to ADF Development, and trying to implement LDAP in my application. As per some forums i am using ADF Security. I have modified my WebLogic server, myrealm with LDAP details and added below mentioned codes in JPS-Config.xml file:
<serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider"" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">
<description>LDAP-based IdentityStore Provider</description>
</serviceProvider>
<serviceInstance name=idstore.ldap provider=idstore.ldap.provider>
<property name=idstore.config.provider value=oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider/>
<property name=CONNECTION_POOL_CLASS value=oracle.security.idm.providers.stdldap.JNDIPool/>
<property name="username.attr" value="userPrincipalName"/>
<property name="user.login.attr" value="userPrincipalName"/>
<property name="virtualize" value="true" />
<property name="ldap.url" value="directory.corp"/>
<property name="idstore.type" value="ACTIVE_DIRECTORY"/>
</serviceInstance>
<serviceInstanceRef ref="idstore.ldap"/>
But i am not able to see Identity store menu option in the left pane of Configure ADF Security window. Could you please help me to fix this issue. Thanks in advance
I am using jDev 11g
Please find the below link for Configure ADF Security window
http://4.bp.blogspot.com/_earSixbe3dw/SUbg7OWLCQI/AAAAAAAAB-4/Fos2I5eBxWM/s1600-h/adf_sec_6.pnghttp://mahmoudoracle.blogspot.ca/2012/02/adf-integration-with-ldap.html#.UcCxHPm1GSo
http://biemond.blogspot.ca/2008/12/using-weblogic-provider-as.html -
CUCM 6 with MeetingPlace Express
Hello,
I have CUCM 6.1 integrated with MeetingPlace Express VT and everything is set up. However, when I test with trying to conference more than 2 users the video ends on everybody's desktop. When it is just 2 users the video shows up fine as soon as I conference in the next person it kicks the video off. Any help would be appreciated
Thanks!Sorry, forgot to mention that I have configured everything in CUCM and Meetingplace and created the Video conference bridge and added it to the MRGL. It shows the bridge as registered in both CUCM & MPE
Thanks! -
MeetingPlace Express Integration questions
Hi,
On MeetingPlace express, we can configure different ways for call-control integration.
In CallManager integration without gatekeeper mode, what's useful of the field of E.164 address under meetingplace H323 configuration mnue? By default it is "000". In this case, we can dial the more than one numbers of those configured on "Usage Configuration" or "Dial Configuration" if we correctly configured the route-pattern on CallManager;
But if integrated to Gatekeeper, we can only define one address which is the E.164 address under "H.323 configuration", and MeetingPlace express is registered to Gatekeeper as an endpoint; In this case, looks like those numbers defined on "Dial Configuration" or "Usage Configuration" does not help us. In this case, if the requirement is integrating gatekeeper, and have more than one DIDs can be used for meetingPlace express, how can we do?
Thanks,
JJCallManager SRND mentioned that we can add commands manually on gatekeeper for other MeetingPlace express access numbers, which answered my questions.
JJ -
Securing LDAP on Meetingplace Express
Hello,
I'm looking to harden the security of a MeetingPlace Express (V2.0.1.15).
SSL has been implemented successfully resulting in https browsing only.
The next step is to integrate with AD for user authentication over a secure link. The Bind requests currently are simple (i.e. clear text userid and password) which is not secure.
Can anyone advise on how this can be configured to use SSL/TLS for the LDAP queries. This is a standalone MPX in that I do not have a Cisco Call Manager to secure the queries.
Thanks.You will need to install the AD Plugin for CallManager before this.
Complete these steps in order to integrate MeetingPlace Express with Active Directory (AD):
- Log in to Cisco Unified MeetingPlace Express.
- Choose Administration at the top of the page.
- On the left side of the page:
Choose System Configuration.
Choose Usage Configuration.
- Configure these fields:
Cisco CallManager version-Set this field to Cisco Unified CallManager Release 4.x.
LDAP URL-Set this field:
Make sure that this URL starts with ldap, not http. For example, ldap://server-ip-address:port/
Make sure that there are no spaces after the URL.
Directory username-Use the format of an LDAP distinguished name, for example:
Password-Use the password that was specified during the Cisco Unified CallManager installation.
Cisco base
User base
Directory type
- Click Save. -
MeetingPlace Express 2.1 Record Meeting issue
Hi,
I have a problem when I try to record a meeting. The error message is:
"MeetingPlace Express failed to start recording, internal error."
Any idea what's wrong?You can enable or disable an automatic backup.
If the automatic backup is enabled, an L0 backup happens twice a week, every Monday and Thursday
at 11:00PM, local server time. The L1 backup is run each day at 1:00AM,local server time, while the L2 backups are done daily at 4:00AM,
8:00AM, 12:00PM, 4:00PM, and 8:00PM, local server time. The schedule is stored in the crontab file. -
MeetingPlace Express and LDAP Directory
Hello Folks,
I have got 2 questions:
1)Is there a built-in synch AD between CallManager and MeetingPlace Express? I would like to be able to add new people added in the CallManager to MPE directory automatically? Would it be possible?
2)can we add extra attendees on the fly if we go over
Thanks,Bahman,
You can set up an import file to bulk add profiles. Check the Importing Data into Meetingplace Express section.
http://www.cisco.com/en/US/products/ps6533/products_administration_guide_chapter09186a00805edd00.html
Best practices recommend that you setup floater and overbook ports using the formula specified in this link.
http://www.cisco.com/en/US/products/ps6533/products_administration_guide_chapter09186a0080579c3a.html#wp1054721
You can also read more about Floater and overbook ports here
http://www.cisco.com/en/US/products/ps6533/products_administration_guide_chapter09186a0080579c3a.html#wp1054072
HTH
Sankar
PS: please remember to rate posts! -
MeetingPlace Express can support Active Directory?
We are running MeetingPlace Express v1.1.2.1001. I was wondering if it is possible to use MS Active Directory integration? The purpose would be to enable us to select "from directory" under invitees when scheduling a meeting and it would pull the users/e-mail addresses from MS Active Directory.
I noticed under System Configuration, Usage Configuration, in the LDAP section you can select Directory Type Active Directory. However I cannot find any documentation on integration MS A/D.
If not, any word on the best way to get this integrated in a MS A/D environment?
ryanActive Directory is supported for authentication, but I don't believe it is for profile related information though I may be incorrect.
Once you set the Active Directory parameters via the Usage Configuration screen, you must define set the "isLocalUser" parameter to "No" during the import of user profiles. You cannot set this parameter from the User Profiles page, only via an import of user profile information.
Once you've set the isLocalUser parameter to No, MPE will look to AD for user authentication. -
Disk space problem on MeetingPlace Express
I get the email below daily. I'm thinking it's ok to cat /dev/null the cma.log file?
I also think I might be able to do the same thing to stdout.old?
Anything else I should try other than the instructions?
* Directory listing
[mpxadmin@meeting ConfSchd]$ ls -la
total 3036516
drwxrwxr-x 2 mpxadmin mpx 4096 Aug 2 13:27 .
drwxrwxr-x 17 root mpx 4096 Nov 4 2009 ..
-rw-rw-r-- 1 mpxadmin mpx 0 Nov 4 2009 ActConf.lk
-rw-rw-r-- 1 mpxadmin mpx 0 Nov 4 2009 Attach.lk
-rw-rw-r-- 1 mpxadmin mpx 4 Dec 22 2012 confId
-rw-rw-rw- 1 mpxadmin mpx 391 Apr 5 2010 pegstats
-rw-rw-r-- 1 mpxadmin mpx 255639 Aug 2 14:25 stderr
-rw-rw-r-- 1 mpxadmin mpx 1152127 Dec 22 2012 stderr.old
-rw-rw-r-- 1 mpxadmin mpx 516106727 Aug 2 16:50 stdout
-rw-rw-r-- 1 mpxadmin mpx 2588797008 Dec 22 2012 stdout.old
-rw-rw-r-- 1 mpxadmin mpx 0 Nov 4 2009 TCMap.lk
[mpxadmin@meeting ConfSchd]$
* EMAIL
This is an automated message from the MeetingPlace Express system with
hostname [meeting.afgrp.com] to inform you that disk space is low.
Details on where the problem is and how to resolve it are indicated below.
Low space in partition /. Percent used = [90].
The following files might cause trouble. However, inspect each one to make sure.
Look specifically for large files with old timestamps. Also, note that some of
the files indicated might have been previously mentioned. In this case, use the
prior instructions to handle these files rather than the instructions below.
If you are uncertain, contact Cisco TAC for confirmation/advice.
For the files below, use the following procedure to empty these files rather than
delete them outright.
1. For each file to be emptied do:
cat /dev/null > <filename>
2. After all files that you wish to empty have been emptied, do:
su // Enter 'root' password.
mpx_sys restart
-rw-rw-r-- 1 mpxadmin mpx 283120801 Apr 11 02:00 /var/mp/ConfSchd/stdout
-rw-r----- 1 root root 127007041 Dec 22 05:30 /var/spool/compaq/cma.log
In general, to free up disk space where it is uncertain exactly what files are in question,
do the following:
1. In general, go to places like /root, /mpxadmin, /tmp and do "ls -la" to look
for large files. If a file is large, old, and seems like some kind of log or
error file, it could be a candidate for deletion.
2. Generally files of type log (*.log), stderr, stdout, or txt (*.txt) are the
best candidates to look for. A good command to look for these types of
files with size of 10,000,000 bytes or larger is:
find / -name "<file type>" -exec ls -la {} ; | awk '{if( >=10000000) {print} }'
For example, to look for all log files 10,000,000 bytes or larger on
the entire system:
find / -name "*.log" -exec ls -la {} ; | awk '{if($5 >= 10000000) {print} }'
3. If you have a specific problem partition that you are trying to reduce size
for, do the following:
1. Find out the directory name of the top of the partition from "df".
2. "cd" to that location.
3. Then do: du -x -b --max-depth=1
4. Look for the directories that are really large.
5. Then "cd" into the worst subdirectory (or subdirectories).
6. Get a list of all large files from current directory location and lower:
(This example assumes 10,000,000 bytes and a check for .log files.
Note the starting location of '.' (current location) rather
than '/' (entire disk) ).
find . -name "*.log" -exec ls -la {} ; | awk '{if($5 >= 10000000) {print} }'
Complete output of the 'df' command:
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 6048320 5111204 629876 90% /
/dev/sda6 4032092 767336 3059932 21% /common
/dev/sda2 8064304 6492268 1162380 85% /db
/dev/sda9 256667 8416 234999 4% /grub
/dev/sda7 122154520 110696 115838720 1% /mpx-record
/dev/sda5 5036284 3577128 1203324 75% /opt
/dev/sda3 6048352 109032 5632080 2% /partB
none 1026932 22624 1004308 3% /dev/shmHi Josh,
It seems that the root partition of the MeetingPlace Express server is almost full. I have attached a document for your reference which can be used to minimize the disk space issues.
Once the steps mentioned in the attached document are completed, run the command "df" to check the disk space.
If you do not see much improvement in the root partition, then in that case some other files might need to be removed from the server to increase the root partition space.
If any of the partitions reach upto 90% or above, then the server might behave unexpectedly.
Feel free to revert if you have face any issues or have any queries.
Regards,
Rishabh -
MeetingPlace Express 2.1.1.2 Dial Out was not Successful
I'm configuring a MeetingPlace Express v.2.1.1.2 and I can't make the MPX do the call to the guests of a meeting.
I make the configuration test in: Services > Logs > Verify Configuration > Call configuration verification and show the following error:
==============================================================
==============================================================
Call-Config Report
Summary
WARNING:The H.323 ID should match the host name
Valid E.164 Address has been configured
H.323 gateway has been configured
Error: Dial Out was not Successful
Call-Config Report Details
H.323 Details
H.323 enabled : YES
E.164 address : 196
H.323 ID : mpxadmin
H.323 gateway 1 : 010.145.002.030
SIP enabled : YES
DialOut Session Summary
VUI Configuration: 250 Sessions, 250 Confs
*** VUI INTERNAL STATUS UTILITY ***
DebugMenu:
1) Quick Status of all Ports 4) Make Test Call
2) Verbose Status of Port Range 5) Show All Confs
3) Display complete Port Information 0) Quit
Enter the Command (0 -- 100) []: You entered 4.
Enter destination for your call: The Telephone Number is 196. Len is 3
Do you want specific ports? (t -- F): You entered f.
Placing Call .....Call was unsuccessful: Ring No Answer.
DebugMenu:
1) Quick Status of all Ports 4) Make Test Call
2) Verbose Status of Port Range 5) Show All Confs
3) Display complete Port Information 0) Quit
Enter the Command (0 -- 100) []: You entered 0.
==============================================================
==============================================================
That parameter could check?
Here I place information on the configuration of my network:
CUCM v.7.0 --> 10.145.2.10
Voice Gatweay --> 10.145.2.30
In CUCM > Device > Gateway --> Gateway: 10.145.2.20 | Description: Cisco MeetingPlace Express | Type: H.323 Gateway | IP: 10.145.2.20
Please expect your valuable help!
Thanks a lot!
ErnestoGhi Ernesto,
As the problem you are facing is a dial out issue on MPE, go
through the checklist mentioned below in order to confirm the configuration
is intact.
Here is the checklist :
1. Ensure that H323 GW is defined on CCM/CUCM.
Device > Gateway > find.
Look for a device name that equals either MPE's hostname, FQDN, or IP
Address.
2. Ensure that h323 Gateways are configured on MPE.
MPE Administration Center > System Configuration > Call Configuration > H323
Configuration
Ensure that h323 is enabled.
Ensure that you have entered your CCM's IPs in h323 Gateway 1, 2
3. Ensure that CCM's interface with MPE is up.
Ensure that MPE's IP Address is listed under the "IP Address" column.
Ensure that this IP Address is that of the FIRST NIC on MPE, not the second.
4. Verify that MPE has the CSS required to call the destination.
FIRST, FIND MPE's CSS:
When MPE places a call, the CSS in question is Device > Gateway > MPE-GW >
Inbound
THEN the relevant config is under Device > "Call Routing Information -
Inbound Calls" > Calling Search Space
SECOND, FIND DESTINATION PATTERN's PARTITION:
If the destination is an IP Phone within the CCM/CUCM Cluster, then the
relevant config is under Device > Phone > click on Directory Number in CCM.
If the destination is a PSTN endpoint/phone, then the relevant config is
under Device > Route Pattern.
5. Ensure that your user profile is set to allow outdials.
MPE Administration Center > User Configuration > User Profile Management >
Your User Profile > Can call out of meetings should be set to "Yes".
6. When you place a call from from the CLI, the system applies permissions
from the "Guest" User profile since mpxadmin or root are not Users within
the MPX application. To allow this to work, you need to verify two
settings:
MPE Administration Center > User Configuration > User Profile Management >
Guest > Can call out of meetings should be set to "Yes".
Ensure that the Guest profile is not in a "locked" state.
MPE Administration Center > System Configuration > Usage Configuration >
Allow Guest outdials should be set to "Yes".
Hope this helps!
Thanks,
Karthik -
Enterprise Portal - MDM - LDAP integration
We are succesfully able to integrate Portal to MDM with a trusted connection and with portal users existing in LDAP and mdm users existing in MDM console.
We also successfully integrated MDM with LDAP so that we dont have to store users in console, but manage them in LDAP. But once we did the LDAP integration, portal to MDM connection was lost saying mdm user details could not be retrieved.
Has anybody faced this issue? what key steps to taken care during MDM-LDAP integration.Hi goerge,
When ever we integrate MDM with LDAP, we need to make a setting in MDS.ini file.
Please check the "User Identifier" setting in MDS.ini file.
Typically this should be The name of the LDAP id field which will match the value the user provides as the Username at logon.
Make the entry in MDS.ini like User Identifier = cn or SamAccountName.
If that is done, please verify other parameters corresponding to LDAP in MDS.ini as per the table 91 in Page no 291 in MDM Console referece guide.
Or refer to the SAP note 1635338 for reference which is pointing to same issue.
This should solve your problem.
Regards,
Sravan -
MeetingPlace Express User ID Change
I am running MeetingPlace Express 2.1.1.2 and it is AD/CCM Integrated. We in the process of changing our AD User login ID and I may have run into a problem. From Call Manager perspective I just perform a full sync and it is good when a change is made.
However I cannot modify the user ID in Meeting Place Express.In reading the on line help, it says "Deleting a user profile also results in the removal of all meetings scheduled by that user from the end-user web interface; however, any meetings scheduled by that user still exist in the system" Does that not contradict itself?
When I add the user back with the same profile ID, will it re-associate the scheduled meetings? Also, is there a way to manually modify/sync the user id rather than deleting and re-adding?
Thanks, in advance.
DougI still don't understand how and when you are encountering that obstacle, but nevertheless if you cannot surmount it you will have to solicit Apple's help.
Apple can reset your iPhone if you present them its original, dated sales receipt. I believe you will have to do that in person at an Apple Store or an Apple Authorised Service Provider. -
CM 7.1 LDAP integration not updating
I have an LDAP integration that worked at 1 time to import all the users but now when I make a change to a user in AD, it never gets to CM. The sync process seems to just sit there and the only option is to "Cancel Sync". I can update the LDAP fields without error so the user/pass and search space all appear t obe correct. I have looked for issues online but cant find anything to matches this issue, they are usually a search base issue.
I'm facing the same problem.
I have set up a lab for LDAP integration and after setting up for the first time worked but one user that exists on CUCM and do not exists on AD was flaged as active i decided to remake ldap settings after that nothing works anymore, it sayd that users are active even if they do not exist on AD.
If i add a new ldap directory does not sync and users are not added.
Any idea?
already restarted server...no joy -
CM already integrated to AD.
Meetingplace Express also configured for auth with AD.
When a user logs in, his profile is automatically created.
According to this link
http://www.cisco.com/en/US/products/ps6533/products_administration_guide_chapter09186a0080579c97.html#wp1142444
Table 5-4, it says PIN used for authentication will be the PIN number stored in external directory, which is AD in my case. Where is PIN number stored in AD ?
Thanks
Sankar.Hi Sankar -
Check out this link for the plugin to CallManager and Active Directory - http://www.cisco.com/en/US/customer/products/sw/voicesw/ps556/products_installation_and_configuration_guide09186a008055cded.html#wp70923
I'm sure the schema attribute associated with the PIN is part of the User's record, just like the DTMFAliasId and such are for Unity attributes. Here are the ldif files used to update the schema:
Active Directory
1. C:\dcdsrvr\run\dcx500\config\AD\at_schema.ldif? Adds the attributes for schema updates
2. C:\dcdsrvr\run\dcx500\config\AD\oc_schema.ldif?Adds the object classes for schema updates
3. C:\dcdsrvr\run\dcx500\config\ContainersAndSysProfiles.ldif?Creates the default containers and system profile
4. C:\dcdsrvr\run\dcx500\config\SpecialUserProfiles.ldif?Creates the profiles for Cisco-specific special users
5. C:\dcdsrvr\run\dcx500\config\SpecialUsers_AD.ldif?Creates the Cisco-specific special users
You can use ADSIEdit to view the cisco attributes for a user as well as inspect the ldif file, for example Unity attributes begin with ciscoescbu followed by the specific name. We are using CallManager's own DC directory for our MeetingPlace Express, otherwise I would have looked for the specific nomenclature for you and posted it here.
Regards, Ginger -
LDAP integration - "LDAP Import adapter warning: No LDAP entry was defined"
Hi,
I am trying to integrate ETPM with LDAP (Microsoft AD). I have successfully connected Weblogic and can see the AD users there; I followed the instructions in the "Oracle Utilities Application Framework Administartion User's Guide" on how to integrate with LDAP:
1) I defined the JNDI server
2) I created a mapping file as described
3) registered the file within XAIParameterInfo.xml and MPLParamaterInfo
WHen i try to import users via the LDAP Import menu the reponse is empty, in the logs I see the following message: "LDAP Import adapter warning: No LDAP entry was defined". Does anybody have had similar issues and maybe a solution to this issue?
My versions:
Customer Release V4.1.0 000 000
Oracle Enterprise Taxation Management V2.3.1.1.0 001 001
Oracle Utilities Application Framework V4.1.0.1.0 001 000
My assumption is there is something wrong with the config, as all other connection (including the one from Weblogic) are successful.
I appreciate any feedback on this.
Best regards,
SebastianWould have liked to post an update in my other post, but that one is locked. I found so many problems with the LDAP integration but eventually managed. If anyone runs into similar issues, here is what you need to check:
1) AD admin user password - is limited to 8 characters (nowhere mentioned in the docs!!!)
2) Be careful using cases; do NOT rely on the documentation, it is wrong! here is a sample ldapdef.xml (I highlighted the changes you need to make in comparison to the documentation):
<LDAPEntries>
<LDAPEntry name="User" baseDN="CN=Users,DC=yourdomain,DC=com" cdxEntity="User" searchFilter="(&(objectClass=user)(name=%searchParm%))">
<LDAPCDXAttrMappings>
<LDAPCDXAttrMapping ldapAttr="name" cdxName="*user*" />
<LDAPCDXAttrMapping cdxName="LanguageCode" default="ENG" />
<LDAPCDXAttrMapping cdxName="FirstName" default="fn1" />
<LDAPCDXAttrMapping cdxName="LastName" default="fn2" />
<LDAPCDXAttrMapping cdxName="DisplayProfileCode" default="NORTHAM" />
<LDAPCDXAttrMapping cdxName="ToDoEntries" default="1" />
<LDAPCDXAttrMapping cdxName="TD_ENTRY_AGE_DAYS2" default="12" />
</LDAPCDXAttrMappings>
<LDAPEntryLinks>
<LDAPEntryLink linkedToLDAPEntity="Group" linkingLDAPAttr="memberOf" />
</LDAPEntryLinks>
</LDAPEntry>
<LDAPEntry name="Group" baseDN="OU=Groups,OU=yourgroup,DC=yourdomain,DC=com" cdxEntity="*Group*" searchFilter="(&(objectClass=group)(name=%searchParm%))">
<LDAPCDXAttrMappings>
<LDAPCDXAttrMapping ldapAttr="name" cdxName="*group*" />
<LDAPCDXAttrMapping ldapAttr="description" cdxName="Description" default="Unknown" />
</LDAPCDXAttrMappings>
<LDAPEntryLinks>
<LDAPEntryLink linkedToLDAPEntity="User" linkingSearchFilter="(&(objectClass=user)(memberOf=%distinguishedName%))" linkingSearchScope="onelevel" />
</LDAPEntryLinks>
</LDAPEntry>
</LDAPEntries>
Oracle OUAF, update your documentation, please.
Regards,
Seb
Maybe you are looking for
-
Cant upload new songs in iTunes from new computer onto iPhone 3gs
How do I upload new songs in my new iTunes from my mac to my iphone 3gs WITHOUT deleting or replacing all the old songs? My old computer crashed and I have no way of accessing those old songs but I dont want to loose all 509 songs. some were burnt fr
-
Multiple Sound Clip Strategy Suggestions Sought
I am using the javax.sound objects to play the sounds. I am writing an application using the javax.sound api where each object owns a sound clip that can be played at any point in time. Some objects can play the same sound - and if this occurs these
-
ItemFocusOut not catching "TAB" key in Datagrid edited cell?
In DataGrid, "keyUp" can catch "TAB" key when it is pressed, but the Keyboard event has less information needed. I tried itemFocusOut, but it seems DataGridEvent would not catch it. Any tips on how to make "TAB" key generate DataGridEvent or similar
-
How to ge outgoing call time in Java ME
Is it possible to get outgoing time call from MIDlet? Thanks in advance
-
Virus Protection for Windows XP
I recently converted to the MacBook Pro - I have installed Parallels and Windows XP. Do I have to get a virus program to protect my Windows XP operating sytem. I have been told that Mac is not able to get a virus. What do you recommend?