Multi forest LDAP and Extension mobility

Hello,
We want to support the following configuration:
MultiForest LDAP integration with CUCM 10.5.
So we want to set the "LDAP Attribute for User ID" on UserPrincipalName (UPN). > [email protected]
We also want to support Extension Mobility.
Is there a way to make the login process easier than logging in with [email protected] and the PIN code?

Unfortunately no, the EM process uses whatever you chose for userID for the login.

Similar Messages

  • Multi-Forest LDAP Authentication

    Hi Guys
    We are trying to implement authentication and import across multiple domains
    We originally tried to build our own custom code but this has failed due to some unforeseen errors.
    I have reverted back to the inbuilt ciac option for import person and EUA
    The import for one domain is working; however, I wish to use multiple forests and to add a unique identifier to the login name to avoid login name clashes
    for example
    ASE\#sAMAccountName#
    or
    #userPrincipalName#
    When I try to add this I receive the error that no person found in the result of the LDAP getperson search
    I have tried the format for EUA as
    uid=#LoginId#,dc=ase,dc=internal
    DomainName\#LoginId#
    #LoginId#
    Any help will be greatly appreciated
    Regards,
    Matt

    If you are logging into java (i.e. tomcat55) and have set up a krb5.ini, all users that are not in the default domain need to log on with username@FQDN.COM, where FQDN.COM is their fully qualified domain name in all caps. That FQDN.COM should be entered in the krb5.ini (in all caps) with at least 1 KDC defined.
    Do a search on SMP (look at the forum sticky for the link) for rules for krb5.ini and I have a more in depth explanation for multi forest and multi domain as it pertains to the krb5.ini.
    To verify AD connectivity is ok use a client tool like deski/designer/business views. Since these tools don't use java you can log on with domain\user (no case sensitivity).
    Also to note: urgent issues should be opened as cases with support; the forums are not the place, and it is against the rules of engagement (also in the sticky post).
    Regards,
    Tim
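The krb5.ini rules in the reply above (realm entered in all caps, at least one KDC per realm, users outside the default domain logging on as user@FQDN.COM) can be checked mechanically before a logon test. The following is an added example, not code from the post or from any vendor; the realm names, host names and the user `jdoe` are constructed placeholders, and the parser only handles the multi-line `REALM = { ... }` layout.

```python
import re

# Constructed sample krb5.ini: one correct realm, one realm typed in
# lower case, and one realm that has no KDC line.
SAMPLE_KRB5_INI = """\
[libdefaults]
    default_realm = ASE.EXAMPLE

[realms]
    ASE.EXAMPLE = {
        kdc = dc01.ase.example
    }
    emea.example = {
        kdc = dc01.emea.example
    }
    APAC.EXAMPLE = {
        default_domain = apac.example
    }
"""


def parse_krb5(text):
    """Return (default_realm, {realm: [kdc, ...]}) from krb5.ini text."""
    section, realm = None, None
    default_realm, realms = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:                              # new [section]
            section, realm = header.group(1), None
            continue
        if line == "}":                         # end of a realm block
            realm = None
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if section == "libdefaults" and key == "default_realm":
            default_realm = value
        elif section == "realms":
            if value == "{":                    # "REALM = {" opens a block
                realm = key
                realms[realm] = []
            elif realm and key == "kdc":
                realms[realm].append(value)
    return default_realm, realms


def check_krb5(text):
    """List violations of the rules stated in the reply above."""
    default_realm, realms = parse_krb5(text)
    problems = []
    if default_realm is None:
        problems.append("no default_realm in [libdefaults]")
    elif default_realm not in realms:
        problems.append(f"default_realm {default_realm} has no [realms] entry")
    for name, kdcs in realms.items():
        if name != name.upper():
            problems.append(f"realm {name} is not all caps")
        if not kdcs:
            problems.append(f"realm {name} has no kdc defined")
    return problems


def logon_name(user, dns_domain, text):
    """Name a user must type: bare for the default realm, user@REALM otherwise.

    Raises ValueError when the upper-cased realm is missing from [realms]
    or has no KDC, which is the case where the logon cannot succeed.
    """
    default_realm, realms = parse_krb5(text)
    realm = dns_domain.upper()
    if not realms.get(realm):
        raise ValueError(f"{realm} is not a usable realm in krb5.ini")
    return user if realm == default_realm else f"{user}@{realm}"


if __name__ == "__main__":
    for problem in check_krb5(SAMPLE_KRB5_INI):
        print("krb5.ini:", problem)
    print(logon_name("jdoe", "ase.example", SAMPLE_KRB5_INI))
```

The lower-case `emea.example` entry is reported by `check_krb5` and also makes `logon_name` refuse that domain, because the realm is matched case-sensitively against the upper-cased name.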

  • UC520 and extension mobility.

    I have a UC520 with the latest version IOS (uc500-advipservicesk9-mz.124-11.XW5) it has the commands to make a logout profile and enable extension mobility. The phone (7971) that the logout profile is associated with does not see extension mobility enabled however at the CLI the IOS says it is. Any help? The profile functions as far as to bring up the associated ephone-dn.

    Which exact IOS are you using? I've heard that XW6 has this sort of problem while XW5 is fine.

  • IPPA and Extension Mobility

    User EM has an EM profile associated and ICD checkbox checked. EM is enabled on ip phones ph1,2 and 3. Phone 1 2 and 3 are associated to the RM JTAPi user. I am able to login into the phones using the EM profile and also able to log into the queue without any issues.
    Is there a requirement to associate both the phone and EM profile to the rmjtapi user for IPPA to work?
    Sankar

    Hi Sankar,
    I'm not an IPCC express expert but this should help you.
    When you run Extension Mobility in IPCC Express, implement these actions with respect to device association:
    Associate RMUser with all phones that an agent has the potential to use for phone needs.
    Associate the agent with the agent Extension Mobility profile.
    http://www.cisco.com/en/US/products/sw/custcosw/ps1846/products_qanda_item09186a00802444f6.shtml

  • CCM 4.2.3 Extension Mobility

    Hello,
    I'm configuring the Extension Mobility Service but I found a very strange failure.
    1) I have configured the Extension Mobility Service ( http://10.10.1.1/emapp/EMAppServlet?device=#DEVICENAME# ) and I did subscribe it under every phone.
    2) I've created the Device Profiles for every phone.
    3) Under Global Directory I did insert the users and they control their own device and the extension mobility feature.
    When the user clicks the "World Button" on the phone, the Extension Mobility feature does not appear, only the message: "MAC-ADDRESS NOT AVAILABLE".
    I did attach the version and CCM's details.
    Has anyone had the same problem before?

    hi,
    please can you tell me what is configured in the menu :
    "System - Enterprise Parameters - URL Services"
    http://CallManager-IP-Address/CCMCIP/getservicesmenu.asp
    If so look whether IP-Address or DNS-Name of the Call Manager is configured
    regards
    alex

  • Extension Mobility in CUCM 7.1: How to send Userid and Pin with Service Par

    Hi at all
    Is it possible to configure the IP Phone Service (CUCM 7.1) for Extension Mobility so that when a user logs in to EM they don't need to insert the UserID and UserPin???
    I think it could work with the Service Parameter but I don't know how.
    Does somebody have an idea?
    Thanks.
    kind regards
    José

    Hi!
    As far as I know that's not possible and it will defeat the purpose of using Extension Mobility as anyone could login from a phone with no credentials. Probably you could configure a script or something that allows you to accomplish this, but it won't be supported.
    Regards,
    Teresa.
    If you find this post helpful, please rate! :)

  • Extension mobility - can i have 2 extension mobility profiles with the same extension for a 7970 phone and a 7975 phone?

    extension mobility  - can i have 2 extension mobility profiles with the same extension for a 7970 phone and a 7975 phone? thanks

    Yes, or simply configure 1 UDP and default device profile for the other one.
    EDIT: and actually with those models, you should be able to use just one
    http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/10_0_1/ccmfeat/CUCM_BK_F3AC1C0F_00_cucm-features-services-guide-100/CUCM_BK_F3AC1C0F_00_cucm-features-services-guide-100_chapter_011000.html#CUCM_RF_EDCB3C30_00

  • Strange problem with Extension Mobility and Click to Call

    Can anyone explain how is it possible ? Any ideas, guys?
    CUCM 7.1.3
    PC1 with IP comm. and user1 is logged in to Extension Mobility + Click to Call. User1 can make a call using Click to Call.
    PC2 with IP comm. and user2 is logged in to Extension Mobility + Click to Call. User2 can't make a call using Click to Call.
    The following error appears on the PC2 screen:
    "The call failed. Please ensure you are logged into your Extension Mobility device. If the problem persists contact your phone administrator"
    Here is the log from PC2:
    2010-02-03 12:49:46,781 [16] INFO  - 1 devices returned from ParseDevices
    2010-02-03 12:49:46,781 [16] DEBUG - 0) MY IPC - Cisco IP Communicator - SEP0022680B43E9
    2010-02-03 12:49:48,703 [1] DEBUG - entering FindCallRecord - 26468949
    2010-02-03 12:49:48,703 [1] INFO  - matched tag with call record - 26468949
    2010-02-03 12:49:48,703 [1] INFO  - action - new call: ct:Click to Call;rt:20100203-12494870;pn:26468949;pt:;cn:desk phone ct:;desk phone rt:;desk phone pn:;desk phone pt:;soft Phone cn:soft Phone ct:;soft Phone rt:;soft Phone pn:;soft Phone pt:;soft Phone cn:
    2010-02-03 12:49:48,734 [1] DEBUG - ClickToCallDialer  server and port10.100.3.1:8443
    2010-02-03 12:49:48,734 [1] INFO  - make call through WD - 26468949
    2010-02-03 12:49:48,734 [1] INFO  - MakeCall: user(a.koltalo) to(26468949) with profile(a.koltalo;Extension Mobility Phone;;True)
    2010-02-03 12:49:51,859 [1] ERROR - make call failure through WD - CALL_FAILURE_ERROR
    2010-02-03 12:49:51,859 [1] DEBUG - entering WriteRecord - 26468949
    2010-02-03 12:49:51,859 [1] INFO  - record already exists, go through records to remove matched record - C:\Documents and Settings\Jevgenij\Application Data\Cisco\Click to Call\Data\Outbound\26468949.xml
    2010-02-03 12:49:51,859 [1] DEBUG - entering ReadRecord - C:\Documents and Settings\Jevgenij\Application Data\Cisco\Click to Call\Data\Outbound\26468949.xml
    2010-02-03 12:49:51,875 [1] DEBUG - push call record into stack
    2010-02-03 12:49:51,875 [1] DEBUG - write record into file
    2010-02-03 12:49:51,875 [1] INFO  - outbound call record changed, fire event to notify
    2010-02-03 12:52:08,484 [17] DEBUG - ClickToCallDialer  server and port10.100.3.1:8443
    2010-02-03 12:52:08,593 [17] DEBUG - entering QueryDevices - 10.100.3.1 - a.koltalo
    2010-02-03 12:52:08,656 [17] INFO  - return success from GetDevices -
    User2 moves from PC2 to PC1, runs IP comm., logs in to Extension Mobility and runs Click to Call with his credentials. User2 can make a call using Click to Call.
    User1 moves from PC1 to PC2, runs IP comm., logs in to Extension Mobility and runs Click to Call with his credentials. User1 can't make a call using Click to Call.
    PC2 and PC1 have the same configuration and software installed, both PCs are on the same LAN subnet. There are no firewalls between the PCs and the CUCM server.

    Sounds like a possible permissions issue on the workstation to me.  Have you tried configuring one of your test users as the local admin on the workstation?

  • QM 8.5.2 SR2 (8.5.2.18) and 9971 extension mobility recording NBR

    Hi,
    Does anyone know if network based recording on a 9971 works with extension mobility users?
    I can get Network based recording to work with QM if I put the users extensions on the phone itself, but it doesn't record when they log in with extension mobility profile and the EM profile is 9971 type and has recording profile set on the extension on the device profile, etc.
    I need extension mobility for these users as they move around and need recording to work and call center won't let them log in if I put the extension on the phone and they log in to another phone with EM.
    I've found some other forum posts suggesting this may not be supported but not really sure and can't find it mentioned in the documentation.
    In QM I do have all the 9971s phone used by the EM agents under VoIP devices as well as their user profiles and the agent id is selected for the user profile (not the phone) under VoIP devices. The recording server is set correctly for the phone and the recording type is Network Based. I can't set the Monitor server for the phone and I can't set the recording or monitor server or recording type for the user profiles.
    Thanks

    I understand you need to configure only Agent name in voip device, it is not the preferred method to hardcode phone if it is used by multiple agents.
    bala

  • Specify ID and PIN in extension mobility URL?

    Hi
    I have a customer who is using extension mobility to allow users to log in/out of hunt groups. They would like to streamline the process by removing the need to enter the PIN each time. I'm wondering if it's possible to include the user id and pin in the service URL so they could make a separate IP service for each agent.

    Mahesh,
    I wouldn't bother testing, this is an old post and I had replied to another of his before which he didn't respond to. Here is my other post, the URL above and in mine is correct.
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Phone%20Services%20for%20End%20Users&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddbd2f0/5
    Thanks
    Fred

  • Cisco Unified WFO - Call Recording and Quality Management with Extension Mobility agents

    Hi All,
    We're considering Cisco Unified WFO - Call Recording and Quality Management for a customer running UCCX 8.0, agents on multiple WAN sites, all agents using extension mobility.
    The documentation I've been able to find describes three different recording methods:
    Using Desktop Recording service (Endpoint) to record from an agent’s desktop.
    Server Recording - Uses SPAN (not so good for remote sites)
    Network Recording - Uses CUCM recording service / SIP trunk / phone's built in bridge.
    Network recording or Desktop recording should be suitable for the customer but it seems that Extension mobility is not supported.  Extension Mobility is not mentioned in the 8.5 installation guide, it is mentioned as ‘not supported’ in the 8.0 guide as follows:
    'Server Recording and Network Recording have the following limitations:
    • Extension mobility is not supported.'
    Neither version's documentation specifically mention extension mobility in relation to the desktop recording method, though I realise this is a similar approach to the 'server recording' method.
    So the question I have is:  Is extension mobility supported in any way on version 8.0, or version 8.5 for recording?  And if so which recording method(s) are supported?
    Thanks,
    Jonathan

    Hi,
    I had more luck asking questions over at the Calabrio forum - they make the software and Cisco re-brand a version of it - there is some good info on their portal (http://portal.calabrio.com), you have to register but it's fairly painless.  The answer I got was:
    "QM Desktop recording has always supported extension mobility as it determines the recorded user by the desktop user's login. Extension mobility was not supported for Server and Network recording until the Calabrio QM 8.6.2 release in April 2011 and will be added to Cisco QM starting with QM 8.5.2 in June 2011"
    Regards,
    Jonathan

  • Multi-Domain LDAP UME configuration

    Hello
    We have EP 7.0 installed and want to connect the UME to our Corporate
    LDAP (MSADS) as data source.
    Our ADS is as follows:
    domain.pt - This is our top level domain. Here we have our main users.
    Gs.domain.pt - This is a child domain of ren.pt. Here are some special
    users that cannot be moved to domain.pt level (because of this we have to
    use multi-domain configuration)
    According to some documents Step 2 of Note 762419 - Multi-Domain Logon
    Using Microsoft Active Directory this configuration has to be done
    according to a Multiple-Domain UME LDAP Configuration.
    Following is my configuration of LDAP access:
    I have set the "UME LDAP Data" in Config Tool to point to
    the "dataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xml" configuration file that has been previously changed by me following previous documents. The XML is at the end of the message.
    Also in the "UME LDAP Data" (Directory Server) I have defined the following settings:
    Server Name: dc01.domain.pt (This is the DC of domain.pt)
    Server port: 389
    User: j2ee-pp3 @domain.pt
    Pass: ******* (ok on all configuration tests and authentication)
    SSL: NO.
    User Path: DC=domain,DC=pt
    Group Path: DC=domain,DC=pt
    Checked the "Flat User Group Hierarchy".
    Checked the "Use UME Unique id with unique LDAP Attribute".
    At "Additional LDAP Properties" I have set the properties of
    ume.ldap.unique_user_attribute(global) and
    ume.ldap.unique_uacc_attribute(global) to userprincipalname. This was
    done according to the Multi-Domain configuration.
    Also ume.ldap.access.multidomain.enabled=true was set in the property
    sheet of the UME service. After this all checks are ok including in
    User Administration in Portal.
    Conclusion: We have no problem with SSO and search capabilities
    at "domain.pt" level. All users of this domain are able to access the
    portal with SSO.
    Nevertheless no user from "gs.domain.pt" is able to log on. Additionally,
    using User Administration in Portal with option "All Data Sources"
    returns no results when searching for users from this child domain. It
    seems the configuration file does not recognize gs.domain.pt.
    Is it possible that our xml file is incorrectly adapted? Is there any
    missing or wrong configuration for multi-domain LDAP access? Please
    advise.
    Thanks in advance
    dataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <!-- $Id: //shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/dataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xml#6 $ from $DateTime: 2004/08/20 09:55:24 $ ($Change: 17140 $) -->
    <!DOCTYPE dataSources SYSTEM  "dataSourceConfiguration.dtd">
    <dataSources>
        <dataSource id="PRIVATE_DATASOURCE"
                    className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
                    isReadonly="false"
                    isPrimary="true">
            <homeFor>
                <principals>
                     <principal type="group"/>
                     <principal type="user"/>
                     <principal type="account"/>
                    <principal type="team"/>
                    <principal type="ROOT" />
                    <principal type="OOOO" />
                </principals>
            </homeFor>
            <notHomeFor/>
            <responsibleFor>
                <principals>
                     <principal type="group"/>
                     <principal type="user"/>
                     <principal type="account"/>
                    <principal type="team"/>
                    <principal type="ROOT" />
                    <principal type="OOOO" />
                </principals>
            </responsibleFor>
            <privateSection>
            </privateSection>
        </dataSource>
         <dataSource id="CORP_LDAP"
                   className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
                   isReadonly="true"
                   isPrimary="true">
              <homeFor/>
              <responsibleFor>
                        <principal type="account">
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                            <attribute name="j_user"/>
                                            <attribute name="j_password"/>
                                            <attribute name="userid"/>
                                            <attribute name="logonalias"/>
                                       </attributes>
                                  </nameSpace>
                        </principal>
                        <principal type="user">
                             <nameSpaces>
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                            <attribute name="firstname" populateInitially="true"/>
                                            <attribute name="displayname" populateInitially="true"/>
                                            <attribute name="lastname" populateInitially="true"/>
                                            <attribute name="fax"/>
                                            <attribute name="email" populateInitially="true"/>
                                            <attribute name="email"/>
                                            <attribute name="title"/>
                                            <attribute name="department"/>
                                            <attribute name="description"/>
                                            <attribute name="mobile"/>
                                            <attribute name="telephone"/>
                                            <attribute name="streetaddress"/>
                                            <attribute name="uniquename" populateInitially="true"/>
                                            <attribute name="krb5principalname"/>
                                            <attribute name="kpnprefix"/>
                                            <attribute name="dn"/>
                                       </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.usermanagement.relation">
                                       <attributes>
                                            <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
                                       </attributes>
                                  </nameSpace>
                                  <nameSpace name="$usermapping$">
                                          <attributes>
                                               <attribute name="REFERENCE_SYSTEM_USER"/>
                                          </attributes>
                                     </nameSpace>
                             </nameSpaces>
                        </principal>
                        <principal type="group">
                             <nameSpaces>
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                             <attribute name="displayname" populateInitially="true"/>
                                             <attribute name="description" populateInitially="true"/>
                                             <attribute name="uniquename"/>
                                        </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.usermanagement.relation">
                                       <attributes>
                                             <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
                                             <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
                                       </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.bridge">
                                       <attributes>
                                            <attribute name="dn"/>
                                       </attributes>
                                  </nameSpace>
                             </nameSpaces>
                        </principal>
              </responsibleFor>
              <attributeMapping>
                   <principals>
                        <principal type="account">
                             <nameSpaces>
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                            <attribute name="domain_j_user">
                                                 <physicalAttribute name="samaccountname"/>
                                            </attribute>
                                            <attribute name="j_user">
                                                 <physicalAttribute name="userprincipalname"/>
                                            </attribute>
                                            <attribute name="logonalias">
                                                 <physicalAttribute name="userprincipalname"/>
                                            </attribute>
                                            <attribute name="j_password">
                                                 <physicalAttribute name="unicodepwd"/>
                                            </attribute>
                                            <attribute name="userid">
                                                 <physicalAttribute name="null"/>
                                            </attribute>
                                       </attributes>
                                  </nameSpace>
                             </nameSpaces>
                        </principal>
                        <principal type="user">
                             <nameSpaces>
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                            <attribute name="firstname">
                                                 <physicalAttribute name="givenname"/>
                                            </attribute>
                                            <attribute name="displayname">
                                                 <physicalAttribute name="displayname"/>
                                            </attribute>
                                            <attribute name="lastname">
                                                 <physicalAttribute name="sn"/>
                                            </attribute>
                                            <attribute name="fax">
                                                 <physicalAttribute name="facsimiletelephonenumber"/>
                                            </attribute>
                                            <attribute name="uniquename">
                                                 <physicalAttribute name="userprincipalname"/>
                                            </attribute>
                                            <attribute name="loginid">
                                                 <physicalAttribute name="null"/>
                                            </attribute>
                                            <attribute name="email">
                                                 <physicalAttribute name="mail"/>
                                            </attribute>
                                            <attribute name="mobile">
                                                 <physicalAttribute name="mobile"/>
                                            </attribute>
                                            <attribute name="telephone">
                                                 <physicalAttribute name="telephonenumber"/>
                                            </attribute>
                                            <attribute name="department">
                                                 <physicalAttribute name="ou"/>
                                            </attribute>
                                            <attribute name="description">
                                                 <physicalAttribute name="description"/>
                                            </attribute>
                                            <attribute name="streetaddress">
                                                 <physicalAttribute name="postaladdress"/>
                                            </attribute>
                                            <attribute name="pobox">
                                                 <physicalAttribute name="postofficebox"/>
                                            </attribute>
                                      <attribute name="krb5principalname">
                                        <physicalAttribute name="userprincipalname"/>
                                    </attribute>
                                      <attribute name="kpnprefix">
                                        <physicalAttribute name="samaccountname"/>
                                    </attribute>
                                            <attribute name="dn">
                                                 <physicalAttribute name="distinguishedname"/>
                                            </attribute>
                                         </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.usermanagement.relation">
                                       <attributes>
                                            <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                                                 <physicalAttribute name="null"/>
                                            </attribute>
                                       </attributes>
                                  </nameSpace>
                                  <nameSpace name="$usermapping$">
                                          <attributes>
                                               <attribute name="REFERENCE_SYSTEM_USER">
                                                    <physicalAttribute name="sapusername"/>
                                               </attribute>
                                          </attributes>
                                     </nameSpace>
                             </nameSpaces>
                        </principal>
                        <principal type="group">
                             <nameSpaces>
                                  <nameSpace name="com.sap.security.core.usermanagement">
                                       <attributes>
                                             <attribute name="displayname">
                                                  <physicalAttribute name="displayname"/>
                                             </attribute>
                                             <attribute name="description">
                                                  <physicalAttribute name="description"/>
                                             </attribute>
                                             <attribute name="uniquename" populateInitially="true">
                                                  <physicalAttribute name="ou"/>
                                             </attribute>
                                        </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.usermanagement.relation">
                                       <attributes>
                                             <attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
                                                  <physicalAttribute name="null"/>
                                             </attribute>
                                             <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
                                                  <physicalAttribute name="null"/>
                                             </attribute>
                                        </attributes>
                                  </nameSpace>
                                  <nameSpace name="com.sap.security.core.bridge">
                                       <attributes>
                                            <attribute name="dn">
                                                 <physicalAttribute name="null"/>
                                            </attribute>
                                       </attributes>
                                  </nameSpace>
                             </nameSpaces>
                        </principal>
                   </principals>
              </attributeMapping>
              <privateSection>
                   <ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
                   <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
                   <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
                   <ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
                   <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
                   <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
                   <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
                   <ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
                   <ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
                   <ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
                   <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
                   <ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
                   <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
                   <ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
                   <ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
                   <ume.ldap.access.pwd.via.usercontext>true</ume.ldap.access.pwd.via.usercontext>
                   <ume.ldap.access.set_pwd>true</ume.ldap.access.set_pwd>
                   <ume.ldap.access.multidomain.enabled>true</ume.ldap.access.multidomain.enabled>
                   <ume.ldap.access.extended_search_size>200</ume.ldap.access.extended_search_size>
                        <ume.ldap.access.domain_mapping>
                        [DOMAIN_PT;DC=domain,DC=pt]
                        [GS_DOMAIN_PT;DC=gs,DC=domain,DC=pt]
                        [gs;DC=DC=gs,DC=domain,DC=pt]
                        [domain;DC=pt]
                        </ume.ldap.access.domain_mapping>
              </privateSection>
         </dataSource>
        </dataSources>
    Edited by: Joaquim Pereira on Feb 7, 2009 1:34 PM

    Hi Gaetano
    I tried to set back the "uniqueid" in the XML to samaccountname.
    Also, I changed the spnego to go only to domain.pt (gs.domain.pt is a child domain).
    In the 1st tests this worked perfectly, but we still have to do some testing with this config.
    When I get confirmation, I'll reply here.
    Thank you.
    PS: we thought of defining the abap user for each user, but there are a lot of users...
    we'll try this config, and if it doesn't work, probably, that's what we'll do.
    Edited by: Joaquim Pereira on Feb 12, 2009 5:45 PM
    Everything seems to be working now. Setting back the uniqueid to samaccountname and configuring spnego to go to only 1 domain solved the issue.
    I just need to test which change did the trick.
    Edited by: Joaquim Pereira on Feb 13, 2009 1:02 PM
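
A lint for the `ume.ldap.access.domain_mapping` block in the data source XML posted above, as an added example that is not part of the original thread or of SAP's code. It assumes each entry has the `[alias;baseDN]` shape seen in the post and that aliases compare case-insensitively; the function names are hypothetical.

```python
import re

# Constructed sample: the four mapping entries as they appear in the posted XML.
DOMAIN_MAPPING = """
[DOMAIN_PT;DC=domain,DC=pt]
[GS_DOMAIN_PT;DC=gs,DC=domain,DC=pt]
[gs;DC=DC=gs,DC=domain,DC=pt]
[domain;DC=pt]
"""

# Assumed entry shape: [alias;baseDN]
ENTRY = re.compile(r"\[([^;\]]+);([^\]]*)\]")
# One attribute type, exactly one '=', non-empty value (escaped values not handled).
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^=,]+$")


def parse_mapping(text):
    """Return (alias, base_dn) pairs from '[alias;baseDN]' entries."""
    return [(a.strip(), dn.strip()) for a, dn in ENTRY.findall(text)]


def malformed_rdns(dn):
    """Return the RDNs of a DN that are not a single 'attr=value' pair."""
    return [r for r in (p.strip() for p in dn.split(",")) if not RDN.match(r)]


def lint(text):
    """Return findings as (alias, base_dn, problem) tuples."""
    findings = []
    seen = {}  # lower-cased alias -> lower-cased base DN first mapped to it
    for alias, dn in parse_mapping(text):
        bad = malformed_rdns(dn)
        if bad:
            findings.append((alias, dn, "malformed RDN: " + ", ".join(bad)))
        key = alias.lower()
        # Assumption: aliases are matched case-insensitively, so 'GS' and 'gs'
        # pointing at different base DNs would be ambiguous at login.
        if key in seen and seen[key] != dn.lower():
            findings.append((alias, dn, "alias also mapped to " + seen[key]))
        seen.setdefault(key, dn.lower())
    return findings


if __name__ == "__main__":
    for finding in lint(DOMAIN_MAPPING):
        print(finding)
```
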

  • Ccm 4.1.3 : Extension mobility error [10]

    Hello,
    CCM is integrated with Active Directory, passwords of CCMadministrator and CCMsysuser are synchronized.
    When users try to login into extension mobility service they receive error [10] which is:
    Proxy Authentication Not Allowed: the appID that is specified does not have rights to log in or log out other users.
    I guess that appID is CCMSysUser here, so where could these rights possibly be turned on? I've tried looking in the attributes of CCMSysuser in Active Directory - no luck, nothing like proxy rights/auth found.

    No luck.
    Tried reinstalling LDAP integration plugin, installation completed OK, but password fields of ccmadministrator and ccmsysuser in the CCM's registry became empty.
    After putting there encrypted password (passwordutils.exe) and restarting IIS Admin/Tomcat I receive error [10] again.
    Any suggestions please?..

  • Creating user with extension mobility on prime provisioning 10.5

    Hi All,
    Does anyone know of any document or have any experience creating a user with extension mobility on Prime Provisioning 10.5?
    I'm facing challenges on it, appreciate if you have any document or experience to share with me.
    Thanks,
    Cherry

    What sort of issues are you facing?
    I'm also having problems, but I think it is system related.
    CUCM is LDAP synced.
    When PCP tries to provision Extension Mobility Access, it actually seems to be trying to update the user on CUCM (via AXL). This fails as it is an LDAP user and the values come from LDAP and cannot be updated.
    I've got a TAC case open.
    Bug details are currently hidden - CSCuo11522 - but this one is an extension mobility provisioning issue.
    There was also mention of another bug related to failures to provision users with directory URIs in their LDAP record. I didn't catch a bug ID for this one though.
    Cheers,
    Tim

  • CUCM 8.6.2 - SURL Buttons Issue related to Extension Mobility

    Hello Guys,
    We are running a CUCM 8.6.2.22900-2 with the extension mobility service. On the user device profiles we have applied several third-party application services via SURL buttons. Actually I thought it does not matter what device type I choose during the UDP creation. The buttons should appear on every model that supports SURL.
    When I log into a 8945 with a 9971 user device profile, the SURL buttons do not show. It only works if I create a dedicated UDP profile with the 8945 type as base. The same goes for other models of the 89xx/99xx series.
    Can you help? Is this a bug?
    Thanks.

    Chris:
    Thanks for the input. We do have the LDAP configured, we are using LDAPS. It is looking like port 636 from the CUP server is trying to reach out to the AD server, so we are opening up that port to test if that is our issue. 636 is open from CUCM to AD but not CUP to AD.
    TD
