Unity Connection 8.5 alias to ldap username mismatch

Hello,
Can someone help me to determine the correct way to integrate LDAP into CUC after mailboxes have already been created from end users in CUCM especially when the ldap user ID and the CUC alias do not match?
From the cisco guide:
For every Cisco Unity Connection user that you want to integrate with an LDAP user, if the value of the Connection Alias field does not match the value of the LDAP user ID, use Cisco Unity Connection Administration to update the Connection alias so that they do match.
Does this mean that I can change the CUC alias for a voicemail user before doing the ldap integration with no impact to the end user?

Hi Ricardo,
Yes, you can change the alias at any point without
impacting the end user We have to do it all the time
when people get married etc.
Cheers!
Rob

Similar Messages

  • COBRAS Import for Unity Connection 8.5 and Subscriber LDAP Integration Status

    Using COBRAS Import for Unity Connection 1.1 Build 212 with Unity 4.2 Voicemail Only and Connection 8.5(1)SU1 with LDAP Directory Integration
    When I run COBRAS the old alias matches the new alias and my desire is for subscribers being moved to be LDAP inegrated.  However after COBRAS runs, the radio box for LDAP Integration Status on the subscriber is set to Do Not Integrate with LDAP Directory. Is there a way for COBRAS to select Integrate with LDAP Directory when the alias matches on LDAP?

    Hi ben,
    If you are just importing from and not authenticating against LDAP, then the PIN comes
    from the Connection Template you used to build the users;
    Note that no passwords or PINs are copied from the LDAP directory to the Connection database. If
    you want Connection users to authenticate against the LDAP directory, see the “LDAP
    Authentication” section on page 9-7.
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/design/guide/8xcucdg040.html
    Cheers!
    Rob
    "Show a little faith, there's magic in the night" - Springsteen

  • Unity Connection 8.5 change to LDAP Sync/Authentication

    In Unity Connection 8.5(1) Subscribers were imported from CallManager before LDAP was setup, however I then realized I needed LDAP Authorization/integration and enabled LDAP. Users still show CallManager Integration and the LDAP radio box is grayed out.
    Can I change the users Integration to LDAP somehow without deleting/adding Subscribers?
    If I need to delete them, I assume I can COBRAS Export, Delete subscribers, then add back in integrating with LDAP not CallManager?

    Jason,
    Here is a doc that explains how to perform this operation:
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/user_mac/guide/8xcucmac105.html#wp1074612
    Regards
    Solomon

  • Automating user creation for Unity Connection when sync'd with LDAP

    Hi
    Is it possible to automatically create users that sync with unity connection?
    I have a unity connection 7.0 server that is sync'd with LDAP and i use a ldap filter so that only users with a specific attribute are sync'd. I can see the users when i try to do an import but is there anyway that they can automatically be created

    No
    Check this check box so that Cisco Unity Connection gets basic information on Connection users from the LDAP directories that you specify on the LDAP Directory page. Data is synchronized only for the Connection users that you created by importing users from the LDAP directory. Connection does not automatically create new Connection users when new users are added to the LDAP directory.
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/7x/gui_reference/guide/7xcucgrg100.html#wp1069724
    HTH
    java
    if this helps, please rate
    www.cisco.com/go/pdihelpdesk

  • Unity 7 to Unity Connection 8

    this is a design question and best way to go about doing this:
    we have Unity 7 voicemail only in it's own domain on box exchange. we have a total of 5 servers like this connected together around the world.
    we want to move to Unity Connection HA at all thye sites and network digitally. We want to integrate to their existing corporate domain. we must preserve greetings and passwords and callhandlers but not voicemail. what and how do we do this.

    COBRAS cannot maintain passwords since Microsoft AD stores them in a one-way hash. Cisco's documentation says this:
    Passwords for Cisco Unity web applications cannot be exported because they are stored in Active Directory. When you create new user accounts by importing data, every account will get the same password, which is the password in the template that you specify when you import data.
    You can have internal user accounts in Unity Connection; or syncronize them to UCM or Microsoft AD through AXL or LDAP respectively after import. Unlike Unity, Unity Connection is read-only with LDAP so the schema extensions are no longer relevent.
    I'm not sure what your migration strategy is; however, it is possible to digitally network a Unity 8 site (i.e. you would have to upgrade those first) to Unity Connection 8 site. The Design Guide has a whole chapter on this: Migrating from Cisco Unity to Cisco Unity Connection 8.x. You may want to spend some time reading that and deciding on the best course of action.

  • Unity Connection 8.6 LDAP or CUCM Import with german special characters called "Umlaut": ä, ö, ü

    Hi,
    for  jabber 9.1 integration i sync'ed all users at Callmanager, Presence and  Unity to our LDAP (MS AD). with CUCM and Presence (both 8.6.x), it  works fine, just Unity Connection sync the Users from AD, but i cannot import Users  with german special characters ä, ö, ü  (i.E. German Name in LDAP-su: Müller).
    Jabber  9.1 need for Voicemail Integration the AD Authentication. Know  somebody, if there is an Workaraound or Fix ?
    This is a general issue, with or without Jabber, with sync directly from AD, or indirectly through CUCM (sync'ed with AD)
    thx and regards
    Jacky

    I located an identical defect (CSCts28455) that was closed as unreproducible. The defect references CSCtj73444 "Add support for UTF-8 password to LDAP and RADIUS/MSCHAP" which is added to 8.4.2 with the recommendation of RADIUS/MSCHAP or LDAP only for international character support. It would make sense to go to the latest in your current train (ie: 8.4.4.1.ED) and see if the issue remains. What you want to do appears to be supported.
    Matthew

  • Unity Connection LDAP Error

    I'm trying to setup a Unity Connection server with an LDAP directory and when I save the configuration I get this error message:
    Error while Connecting to  ldap://172.16.1.2:389, null
    The UCONN server is connecting to a Windows 2000 DC running Exchange 2003.
    I think I'm missing something simple but I'm not sure what.
    Thoughts?

    Hi,
    Sounds like you may either have an incorrect IP address and/or port # for your DC or GC.  Port 389 for a Domain Controller, and if the server is a Global Catalog, you'll need port 3268.  Another possibility is that port 389 may be blocked by some sort of ACL or firewall.  I would try the port change first and re-verify your IP address and if that doesn't get you anywhere, setting up a network capture to see what may be happening during the bind request is your next step.
    Hope that helps,
    Brad

  • Cisco Unity Connection ViewMail Password manual reset after LDAP change

    Unity Connection 8.5.1, Viewmail 8.5.4 and Exchange 2010 with 2008 AD
    We are migrating to Unity Connection from Unity 7.0.2 and have discovered that when we change our passwords in AD (scheduled every 40 days) this does not get synchronized with viewmail.  Users then receive an error indicating the user ID or password is incorrect and then call the helpdesk to find out where to change this setting.  Has anyone found a way around this.  It is becomking a huge issue with 1200+ employees. 
    Hopefully it is on a roadmap for cisco as well?
    Thanks
    Liz

    'its really a different user experience' you are telling me!!!
    I like the other features that 8.5 brings but the outlook viewmail single sign on design fault is a big mistake. It even effects cupc client as you have to  update the voicemail password in their...
    I did read all the documentation carefully, it doesnt mention that the passwords do no sync. From a end user point of view, this is a disator. 95% of our users manage the voicemail through outlook, if the password doesnt update in viewmail then they can not retrieve their voicemail.
    anyway, i ve spent alot of time and money building the new connection server, but i have no option but to stick to our unity 5 solution. Luckily i noticed this before i changed/migrated people groupwide.
    Thanks a million Cisco, I now have to explain this to our IT director....

  • Unity Connection 8.5 not import CUCM end users after reinstall

    I needed to reinstall a Unity Connection 8.5 server (server crash due to power failure).
    After the reinstallation and reconfiguration of the CUC, the same does not synchronize and / or import users from CUCM (version 8.5).
    The CUCM is integrated with LDAP.
    The version of servers are:
    - CUC = version 8.5.1ES16.11900-16
    - CUCM = version 8.5.1.11900-21
    Before CUC crash, I could import users usually.
    The test in AXL servers in CUC is normal: (Test message successfully sent to AXL server 172.16.21.11:443).
    Any sugestions?
    Regards,
    Ronaldo Gama

    Hi Ronaldo,
    This is because the CUCM actually holds a database where all of these users are still tagged as being imported into UC already.  You'll have to get fancy with some SQL queries, you can try these, but do it at your own risk.
    Open SSH to the CUCM
    1) For each user, find the mapping row:
              run sql select pkid from enduserappservermap where fkenduser in (select pkid from enduser where userid = 'my_user_alias') and fkappserver in (select pkid from appserver where ipaddr = 'my_connection_server_ip')
    In the query above, replace my_user_alias with the alias of the end user and replace my_connection_server_ip with the IP address of the Connection server (or whatever the old Connection server IP address may have been if you changed it after the rebuild).
    2) Delete the mapping row:
    You should only get back one row. Delete it. Replace my_pkid with the actual pkid that you got back:
              run sql delete from enduserappservermap where pkid = 'my_pkid'
    Try to import that user again via AXL.  That's the user by user way of doing it if you don't have too many, but if you're confident they all can be deleted at once you can do the following:
    1.  Find all of the users mapped
               run sql select * from enduserappservermap
    2.  The users should all have matching value in the "fkappserver" object ID column if they were mapped to the same pre-existing Connection server.  Once you've confirmed the "fkappserver" object ID of the old UC server, issue the bulk delete command, this is irreversible!
              run sql delete from enduserappservermap where fkappserver = 'fkappserver_for_old_UC'
    Hope that helps,
    Brad

  • How to find Unity Connection 8.6 users whose AD account is disabled

    I have a Unity Connection 8.6 server that is integrated with AD. My main issue going forward is the user maintenance. If a user is disabled in AD, the user's LDAP integration status changes from "Integrate with LDAP Directory" to "Do Not Integrate with LDAP Directory". I understand this is default behavior when the server syncs with AD just as it does on CUCM. When administering thousands of accounts, there are going to be times that I'm not notified of someone leaving the company (more often than not). I need a way to search for these users in the server as most, if not all users are LDAP synced with mailbox. I have tried exporting the users with mailbox and I can't find any difference between an active and inactive AD user.
    Any suggestions?
    Brian

    Hi Brian,
    If you use BAT in Unity Connection and export users with mailboxes, when Connection is integrated directly with AD, the LdapCcmUserId field will be present with their AD username, when it's disabled, the field will be blank.
    HTH,
    Chris

  • Unity Connection 8.6 call transfer to non-unity extension

      I have converted from Unity to Unity Connection and am looking for a solution for transferring an incoming call to a non-unity user extension.
    Here is the scenario:  An PSTN caller calls in and is directed to a Unity Connection Call Handler or a Subscriber greeting.  In the greeting they are advised that if they know the extension they want to call, they can dial it at any time.  Here is the rub, if they dial an extension for a user listed in Unity Connection, the call gets transferred to the extension.  However, if the extension dialed is to an extension that is not a Unity Connection User, the attendant comes back and say the extension is not understood.
    In Unity before conversion, I would make an internet user that did not have a mailbox but was listed with an extension.  However, with Unity Connection, I am using LDAP integration with Microsoft AD and I don't see a method of doing the same thing.
    Is anyone else doing something like this or know of a method to do it?
    Thanks in advance.
    Gene Keel                 

    In the greeting check this box:
    Allow Transfers to Numbers Not Associated with Users or Call Handlers
    also make sure the number entered by the call is allowed in Default System Transfer restriction table.

  • Unity connection - how to verify if an email of the voicemail is being sent out

    Hi Guys
    I am running unity connection 8.5 and I am integrated with exchange 2010. Single inbox seems to be working fine for all users except one. The users info in unity connection looks fine and is pulling down from AD using the LDAP integration just fine. He seems to get voicemail in email about half the time.
    I would like to verify if I could what is leaving the Unity connection server to show the issue is related to the users pc setting or the exchange server.
    Any way I can use a tool to verify that when a voicemail is left Unity connection sends the message to the exchange server?
    thanks
    Bill

    Hi Bill,
    There's no easy way other than looking at traces, really.  I'd check to see if the client machine is using Outlook in cached mode, or if they're doing any type of scheduled archiving, or sending voicemails via rules to a local .PST, etc.
    Hope that helps,
    Brad

  • How to delete users in unity connection

    hello all,
    I have a unity connection cluster on version 7.1.3 and a cucm cluster on version 7.1.3
    when i try to delete a user in unity connection I get the following error
    This user is integrated with a Cisco Unified Communications Manager end user. Some fields may be disabled.
    I deleted the user in cucm, however the user is still in Unity connection and i can't delete it,
    what's the best way to delete a user ?
    thank you
    Cris

    When the CUCM End User is deleted, the corresponding CUC user should  automatically be deleted as well. Sometimes this isn't the case and the  CUC user still exists and cannot be deleted due to other database hooks.
    First you will need to find the ObjectId for the user that you want to remove from Connection:
    run cuc dbquery unitydirdb SELECT ObjectId from vw_User WHERE Alias = 'alias of the user you want to delete'
    Now you will want to delete that user as such (this will fail if there are database hooks still on the orphaned user):
    run cuc dbquery unitydirdb EXECUTE PROCEDURE csp_UserDelete (pObjectId = 'objectid from above')

  • Cisco Unity Connection 8.5 PIMG integration.

    Hello Experts
    My customer has PIMG integration with Cisco Unity Connection, users can access their mailboxes after creating a direct routing rule with the search scope where this users are located to send the call to "attemp sing in" conversation this part is working fine. Now subscribers do not get the user's mailbox when reaching FNA,Busy or RNA they are going to the "welcome to Cisco Unity Connection Messaging System from a...  default greeting. Using Remote port status monitor I can not see the call coming in,but I am sure the call is getting to that server. I will like to know what traces I can enable to get the extension that is being sent by PIMG or what else I can check on the Unity connection server to resolve this issue?
    Thanks in advance

    Hi Rob
    I  configured the Direct Routing to send the calls to conversation "sing in" because the customer has multiple integrations and duplicated users with same extesion,  he was getting "invalid username and password" everytime they try to log in, meaning that the user was in different CSS and the existing Direct Routing Rule did not have this CSS in the Search Scope.Maybe in you case you the users were not sorted out by CSS.
    I am pritty sure they are using Nortel phones,but not sure what exact version.
    Thank you for your response.I will try to configure a Forward Routing rule to send the calls to and specific user'extension base on the calling number to see what happens.

  • Cisco Unity Connection 8.6 problem with greeting upload

    Hello at all,
    i have a realy strange Problem.
    I want to upload a Greeting (*.wav-file) to a Call Handler, everything looks fine after uploading and i can also hear (Playback) the massage on the Computer and on my Phone. So i save the Config. After that i want to hear the massage after calling the Call Handler but i hear only "sorry, "CallHandlerName" is not Awailable".
    If i make some checks everything looks ok, i have 2 User with sysadmin-role - both can Playback the massage via the Webpage.
    But if i take the Phone and call the "Greetings Administrator" - there is no personal Greeting on this Call Handler - and thats my Problem.
    If i Record a new massage with the Phone (in the Greeting Admin) it is working - after Uploading a new File (Codec is ok) i can Playback the new file but after Calling the CH, i hear the Massage which i have recordet with the Phone - not the Uploadet. But on the Webpage i hear the Uploadet file.....
    Whats wrong????
    And yes, i have set this 2 Users as Call Handler Owner.
    What should i do??
    Please can anyone help me in this case.....
    kind regards
    Markus
    EDIT: I have also the Problem, that i can´t upload a File for a User - only the User self can Upload a Greeting, if do this with one of the 2 Admin-Accounts i hear also the System-Massage "sorry, -USERNAME- is not awailaible" and not the uploadet file - at the Webpage i hear the uploadet Massage - it seems to be the same Prob as with the CallHandler. Is it a JAVA-Problem mabye? I have Java JRE Version7 update7 installed and IE8 as Browser....
    Certificate is installed, and the CUC is a trusted site......

    Hi Markus,
    It could be this bug;
    CSCto92753 - Unable to upload wav files and save as greeting or send as message
    Description
    Symptom:
    Unable to upload an  existing wav file, or create a new recording using the PC microphone and  save as greeting, voice name, or send as message. In the case of trying  to send as a message, the user receives a "Failed to Send Message"  error.
    You might see Failed to Record Name if attempting to overwrite a Call Handler with a file.
    You might also see Unable to save recording due to SSL certificate error.
    Conditions:
    Cisco Unity Connection versions 7.1(5)ES45, 8.0(3)ES27, 8.5(1)ES37
    When  using either the Cisco Unity Connection Administration (CUCA) or the  Cisco Unity Connection Personal Communications Assistant (PCA) web  applications to upload an existing wav file, or create a new recording  using the PC microphone and save as a voice name, greeting, or send as a  message.
    In the client side Java Console logs, you see the following exception:
    Exception  in thread "Timeout guard" java.security.AccessControlException: access  denied (java.net.SocketPermission 10.93.231.234:8443 connect,resolve)
    Workaround:
    In  your client side JRE security profile file....commonly named:   java.policy...add the below entry.  Will need to use the ipaddress of  the Connection server (for a cluster, put an entry for each of publisher  and subscriber).
    permission java.net.SocketPermission "10.93.237.101:8443", "connect,resolve";
    If  get a permission error when trying to modify java.policy, then you may  need to set the permissions of the file to not inhearent permissions  from it's parent and not be read-only.  (aka by default the entire JRE  folder is read-only but you need to modify a file within it).
    A good  article on the Sun website with more detail on the workaround:   http://java.sun.com/developer/onlineTraining/Programming/JDCBook/appA.html
    Details
    First Found in:                          (4)
    8.6,7.1(5)ES44,8.0(3)ES27
    8.5(1)ES37
    Status:
    Terminated
    Last Modified:
    Aug 12,2012
    Product:
    Cisco Unity Connection
    Platform:
    Dependent
    Severity:
    3 - moderate
    Cheers!
    Rob
    "May your heart always be joyful
    May your song always be sung" - Bob Dylan

Maybe you are looking for

  • 8gb iPod touch is not working

    My iTouch has stopped working. I press power button and it still doesn't work. I charged it for many hours and nothing. Any help?

  • Spending limit - what a joke!

    I have been a loyal customer for 2.5 years with a bill that is almost $500 per month for 8 lines on Edge plus one line that has completed a 2-year contract. That means I have paid verizon between 12,000 and 15,000 dollars on time every time. I have a

  • Problem during output of smartform in PDF

    Hi All, I am using Function module for output of smartform in PDF Format.But it is giving following informatio -OTF end command // missing in OTF data. and then no data in pdf format. Could you please help me whar shoul I do for that? MY code is like

  • Trouble with Adobe dng converter and 5d mark iii

    I have recently downloaded the dng converter 6.7 to convert my cr2 files from my 5d mark iii, however it keeps on telling me i have no files to convert, is there anything i can do about this? i am using elements 10

  • Hyperlink in a dynamic PDF form

    Hi guys, I've created a dynamic PDF form in LiveCycle designer, and I want to insert hyperlink in to this form - but I don't know how to do it. My Link Tool in Adobe Acrobat is inactive. Any advice? Cheers Marian