Unity Connection 8.5 Single Inbox with Verisign Certificates

Hi,
I am trying to connect CUC 8.5.1.12900-7 to Exchange 2010 using Basic authentication with SSL.
I am having problems when I get to the test user stage and think the problem may be caused by certificates.
To obtain the certificates that I have installed on CUC I got one of the users to connect to OWA and then exported the certificates associated with the connection and then loaded then onto CUC - is this the right way to do it? - there does not seem to be any documentation that covers this in detail.
Can anyone point me in the right direction or at least let me know how to troubleshoot the problem?
Thanks

You want to export the root CA certificate from OWA and import it to both the tomcat-trust and connection-trust stores. When I did this last week on 8.6(1)a I did not have to restart Tomcat although that has been required in the past. You can spot the root CA certificate by choosing the Certificate Path tab, selecting the highest certificate in the chain, opening it, select the Details tab, and click Copy to File. When you save it you will want the Base-64 encoded file and need to manually change the file extension from .CRT to .PEM.
Additionally, you can rule SSL out by unchecking the Validate Certificates for Exchange Servers checkbox. This will allow the SSL session even if the certificate fails validation.
Other issues I have seen:
The permissions granted to the Exchange user did not delegate to that user/mailstore or you accidentally missed a step.
The AutoDiscover folder in IIS is not allowing Basic authentication. The Exchange architect I worked with last week wouldn't enable this so I ended up using NTLM authentication instead since both EWS and AutoDiscover were allowing Integrated WIndows Auth.

Similar Messages

  • Unity Connection 8.5 single inbox with Exchange 2003 - Access denied

    Hi,
    I'm using CUCMBE 8.5.1.12900-7 Unrestricted. i'm following Unified Messaging Guide for Cisco Unity Connection Release 8.5 and Later for configuring single inbox. I have successfully setup and tested unified messaging service when I subscribe this service to a particular user and test it, I get following error:
    Issue: Failed accessing [email protected] on 192.168.0.10
    Recommendations: Some possible reasons for 401: Incorrect service account name or password. Service account password expired. Proper permissions not granted to service account. Exchange mailbox uninitialized.
    Details: HTTP status=[401 Unauthorized] diagnostic=[Bad response from server, HTTP code returned: 401] url=[http://192.168.0.10/exchange/
    [email protected]] request=[<?xml version="1.0"?> <D:propfind xmlns:D="DAV:" xmlns:fh="urn:schemas:httpmail:" xmlns:h="http://schemas.microsoft.com/repl/"> <D:prop> <fh:msgfolderroot/> </D:prop> </D:propfind> ] response=[<html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>]
    I have verified above mentioned recommendations but no such issue exists. Any ideas?

    Hi Muhammad,
    I am having exactly the same issue in configuring sinlgle inbox with unity connection 8.6 and exchange 2003. I have checked everything but no result. Could you please help in configuring?
    Thanks
    The validation results for the  user unified messaging service account [email protected] with service  E2K302 are the following:
    Service "E2K302":  AuthenticationMode=NTLM [use HTTP] Server=[E2K3-02.chelloit1.local]  Type=[Exchange 2003] Username=[chelloit1.local\agokharu]
    Failed accessing  [email protected] on E2K3-02.chelloit1.local
    Some possible reasons for 401:  Incorrect service account name or password. Service account password expired.  Proper permissions not granted to service account. Exchange mailbox  uninitialized.
    HTTP status=[401 Unauthorized]  diagnostic=[Bad response from server, HTTP code returned: 401]  url=[http://E2K3-02.chelloit1.local/exchange/[email protected]]  request=[<?xml version="1.0"?> http://schemas.microsoft.com/repl/">   ]  response=[ErrorError:  Access is Denied.]

  • Cisco Unity Connection 8.5 Single Inbox - Unified Messaging?

    For the Cisco Unity Connection 8.5, to enable Single inbox unified messaging do we need to get additional licensing for this feature?

    Hi Ali,
    LicIMAPSubscribersMax
    Users with IMAP access to voice messages or with single inbox (single inbox available in Connection 8.5 and later only)
    Sets the maximum number of users who can use:
    •A third-party IMAP client to access voice messages.
    •The  unified messaging feature "Synchronize Connection and Exchange  Mailboxes (Single Inbox)" on the Unified Messaging > Unified  Messaging Services page and on the Users > Users > Unified  Messaging Accounts page.
    For single inbox, the total number of users in classes of service for  which single inbox is enabled must not exceed the licensed maximum. This  applies regardless of the number of users in those classes of service  who are configured to use single inbox. In addition, all users who are  configured for single inbox must be in a class of service for which  single inbox is enabled.
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/administration/guide/8xcucsag310.html
    Cheers!
    Rob
    "And if I should fall behind
    Wait for me" - Springsteen

  • Unity Connection 8.5 Single Inbox Maximum File Size

    Hi,
    I have a customer who is using Live Record with Single Inbox & quite commonly the calls they are recording are going for upto an hour. This is obviously resulting in large voicemail sizes.
    They are finding that long recordings (ie 20 minutes) are not being sent to their Outlook account. Is this limited in the settings somewhere or is there a maximum that anyone knows of? The Exchange Admin assures me that they should be able to receive upto 50MB emails which is more than enough.
    Cheers
    Russell

    Stanley,
    Exchange was the issue. Fix was found by Seppe in TAC - worked with him on a couple of occasions and he is one of the best. His email is below:
    Changed the following settings in exchange server to receive 50 MB attachment:
    1.        Edit
    C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\web.config and update the maxRequestLength value to 51200
    2.        Open a command prompt and execute the following commands:
    cd %windir%\system32\inetsrv
    appcmd set config "Default Web Site/ews" -section:requestFiltering -requestLimits.maxAllowedContentLength:51200000
    appcmd set config "Default Web Site/owa" -section:requestFiltering -requestLimits.maxAllowedContentLength:51200000
    3.        Edit
    C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\exchweb\ews\web.config and  change the  maxReceivedMessageSize value to 51200000 underneath the
    4.        Restart IIS service to apply the change
    Recommending to do this off-hours and take a backup of configuration files before doing any change.

  • Unity Connection Office 365 Single Inbox - 100 Users Limitation

    Hi all,
    Goiing over the Unity Connection release notes:
    Cisco Unity Connection 8.6(2) Support for Microsoft Office 365
    Revised 13 April, 2012
    In Cisco Unity Connection 8.6(2) and later, you can configure Connection to synchronize voice messages in Connection user's mailbox with the user's Exchange Online mailbox configured on Microsoft Office 365 environment. Microsoft Office 365 is a cloud hosted collaboration solution provided by Microsoft.
    Cisco Unity Connection 8.6(2) SU1 is qualified for 100 users with Microsoft Office 365. For scalability beyond 100 users, you need to contact UCBU Product Management team through [email protected] mailer.
    Note The integration beyond 100 users will not be supported by TAC until the BU has signed off on it.
    I was aware of the 19 users per Unified Messaging account issue, in which we created several UM Service accounts as a temporary fix until Microsoft lifts the limitation.  I wasn't aware of the above that there is a limitation to 100 Users total.
    There has been a few posts regarding the 19 user/account issue in which the workaround has been to create up to 20 UM accounts to get up to 380 users as a temporary solution.
    Any insight as to when this will be lifted or detailed timelines would be great!
    Thanks,
    Chris

    Hey Chris,
    I wouldn't go that route as you nicely noted. The specific locales for su2 are not shown
    and I'm pretty confident that this bug would carry over to su2 as well
    But then again....I could be way off base here
    CSCty54979 - 8.6.x release notes should detail what builds are required for locales
    Symptom:
    Release notes for Unity Connection 8.6(2a) and  8.6(2a)SU1 are not clear about what builds the use of locales  (localizations) are supported with and where they can be acquired
    Conditions:
    Customers wishing to support non-US English (ENU) languages with Unity Connect 8.6.x
    Workaround:
    For  Unity Connection 8.6(2a), you must install ES12 and use the locale  files that are labeled as ES12. The locale files are posted on cisco.com  for download, but Unity Connection ES12 is not (you will need to open a  TAC case and request a copy of 8.6(2)ES12)
    For Unity Connection  8.6(2a)SU1, the 8.6(2)ES12 locales should NOT be used. An updated set of  locales will be posted for use with this build in the near future  (expected by roughly mid to late April 2012). Also note that if you are  currently using the 8.6(2)ES12 locales, you should NOT upgrade to SU1  until the SU1 locales are posted to cisco.com so that you can use them.
    If su2 is equivalent to ES44 then they aren't shown on this doc either??
    http://www.cisco.com/web/software/Voice/pdf/LocalizationSupportforCUCESreleases.pdf
    Cheers!
    Rob
    "May your heart always be joyful
    May your song always be sung" - Bob Dylan

  • Cisco Unity Connection Single inbox with Exchange 2010

    I have a new installation of Unity Connection 8.6.2 using single inbox with an Exchange 2010 cluster frontended by a Netscaler load balancer.Functionality that does not work is when a new message comes into outlook and the message is read or deleted it does not update the status on the phone- IE turn off the MWI or if the message is deleted it is still a new message in Unity. If you click reset in the user unified message account, the status gets updated.
    TAC says its a blocked port on Exchange TCP 7080 but that is open.

      I followed this document :
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/unified_messaging/guide/85xcucumg020.html
    but when i try to integrate CUC with exchange 2010 , i didn't find is clear enough
    do you have Step by Step more clear than that link becouse my lab very close to your case.
    Regards

  • Unity Connection 8.5.1ES16.11900-16 upgrade for Single Inbox with Exchange 2007 ?

    Hello friends,
    I'm currentely running Unity Connection 8.5.1ES16.11900-16.
    I would like to use the single inbox feature with Exchange 2007.
    It is in the documentation that we need at least Unity Connection 8.5(1) Service Update 1 (UCSInstall_UCOS_8.5.1.11900-21.sgn.iso).
    I downloaded, checked MD5 but when searching on the FTP directory it won't accept it (No valid upgrade options were found). Is this a supported upgrade?
    Same happens with the localization file in Portuguese that i need to install: uc-locale-pt_PT-8.5.1.1-16.cop.sng ...
    Please can you give me some hints about what I may be doing wrong?
    Thank you very much and warm regards,
    met

    Hi Met,
    Hope all is well
    I think you are hitting this caveat. Although the numbers don't match exactly I'm
    pretty sure you will need to wait for an 8.5.1.12xxx.x ES
    If the Connection server is running an engineering special with a full Cisco Unified Communications
    Operating System version number between 8.5.1.11001-x and 8.5.1.11899-x, do not upgrade the server
    to Connection 8.5(1) SU 1 because the upgrade will fail. Instead, upgrade the server with an ES released
    after 8.5(1) SU 1 that has a full Unified Communications OS version number of 8.5.1.12xxx.x or later
    to get the SU 1 functionality.
    http://www.cisco.com/web/software/282074295/44508/851su1cucrm.pdf
    Cheers!
    Rob

  • Unity connections 9.1 "port stuck with call"

                I am seeing this message in the error log: %UC_UCEVNT-3-EvtMiuPortStuckWithCallinfoOnly:   for a number of  ports. . When I look into the log some of these ports have ben up for a month .
    the message is cleared by restarting the port,
    This stuck port problem has been around for a long time we had it in ver 7.1, is there any way of making a port reset if it has been stuck on a call for say 24 hours?

    Hello chrbradf1,
    You can set the amount of time for the watchdog to generate a log when the port would be considered locked, but there is no automatic way of restarting them on the CUC perspective neither on CUCM, there is also no provisioning for Tcl scripting therefore you will have to restart them manually.
    Watchdog is under: Cisco Unity Connection Administration> System Settings> Advanced> Telephonny> Port Watchdog Threshold in Minutes.
    Port Watchdog Threshold in Minutes
    Enter the time, in minutes, that a port can be off hook before it is considered to be locked. When a port reaches this threshold, Cisco Unity Connection logs an error. To review errors, see the Real-Time Monitoring Tool. We recommend a setting greater than 30 minutes.
    Default setting: 240 minutes.
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/gui_reference/guide/8xcucgrg110.html
    Also consider that maximum time is 240000 minimum is 0 and value has to be integer.
    Examples:
    Value specified (111111111) exceeds the maximum allowable value (24000).
    Value specified (0.1111) is not an integer value
    Value specified (-1111) is below the minimum allowable value (0).
    -David

  • How to sign the applet with verisign certificate?

    Hi,
    I got a test certificate from the Verisign.
    Now I want to know, how to sign my applet with that certificate?
    Thanks,
    Siva E.

    Hi!
    You have to create a keystore wich contains the certificate. I think you call keystore -import "verisign.cert"Try the command, and it will tell you what it needs.
    To do the acutal signing of an applet (jar-file), you write somehting like this:
    jarsigner  -keystore "NameOfKeystore" -keypass "PasswordToPrivKey"  -storepass "PasswordToStore" "YourJarFile.jar" "CertAlias"The cert alias is an alias you created when importing the certificate. Hope it Helps!
    Henrik

  • How can I use the Unity Connection 10.5 Greetings Administrator with e.164 CallHandler extensions

    We recently upgraded to CUCM 10.5 and CUC 10.5 using an e.164 dial plan throughout. One snafu that has surfaced is how do people access a CallHandler via the Greetings Administrator TUI if the CallHandler extension begins with a '+' character? Pressing and holding * does not seem to work. Any ideas?

    We recently upgraded to CUCM 10.5 and CUC 10.5 using an e.164 dial plan throughout. One snafu that has surfaced is how do people access a CallHandler via the Greetings Administrator TUI if the CallHandler extension begins with a '+' character? Pressing and holding * does not seem to work. Any ideas?

  • Single Inbox on Unity Connection 8.5 and Exchange 2003 SP2

    Hi,
    We have Unity Connection 8.5 (with SU2) and Exchange 2003 SP2
    We want to setup the Single Inbox feature that works well with Exchange 2007 and 2010, but my customer is running Exchange 2003 SP2.
    We met all of the requirements outlined in: http://www.cisco.com/en/US/docs/voice_ip_comm/connection/8x/requirements/8xcucsysreqs.html#wp459928
    I configure a new "Unified Messaging Services" profile for Exchange using Exchange 2003 and enabled for Single Inbox.  When I run "Test" it displays the following errors (other validation is successfully)
    The service port for IMAP is not functioning.      
    The system failed to connect to the server with a socket connection through port beatles.clubone.com:993. The error is error:0200206F:system library:connect:Connection refused. Refer to the tomcat log file for more details. If you are using secure connection, confirm that SSL is enabled on the server.
    Why is it trying to connect using IMAP, that wasn't the case when I used for Exchange 2007 or 2010 when IMAP was not enabled.
    Is there something else I'm missing for configuration with Unity Connection to support Single Inbox with Exchange 2003 SP2?
    Thank you!
    -rya

    Hi Rya,
    I just wanted to add my +5 vote for this great catch by Aaron (nice work "A")
    If you are going to upgrade to Unity Connection 8.6
    Check out this great doc from Saurabh for the refresh upgrade notes to 8.6.
    https://supportforums.cisco.com/community/netpro/collaboration-voice-video/unified-comm-application/blog/2011/08/11/checklist-before-upgrading-to-unity-connection-86
    Cheers!
    Rob
    "Show a little faith, there's magic in the night" - Springsteen

  • Unity Connection 8.5 Unified Messaging MWI

    Hi Guys,
         I just configured Unity Connection 8.5 Single Inbox with Exchange 2007. Everything is working fine, except the MWI goes off as soon as the Exchange gets the message. Is this the expected behaviour?
         I need that the MWI stays ON until the user reads the message in Outlook. Is that possible?
    Thanks! 

    Not sure if it applies here but, if you aren't moving it to another folder in your Outlook, try looking at this....
    https://supportforums.cisco.com/community/netpro/collaboration-voice-video/unified-comm-application/blog/2011/03/02/cisco-unity-exchange-2007-disclaimer-transport-rule-causes-mwi-to-fail
    Let me know if you have a disclaimer setup on Exchange 2007 etc.
    Thanks!
    Tray

  • Cisco Unity Connection single inbox and viewmail error

    Unity Connection 8.5.1 single inbox with Exchange 2010 and viewmail 8.5.4.  We arein the process of migrating from Unity 7.0.2 to Unity Connection.
    We are a lawfirm and many of our admins have full access to their attorney's exchange mailbox to manage their messages and voicemails.  With Connection those admins can no longer access voicemails in exchange accounts other than their own even if they have full access.
    A message pops up stating "the requested voice message is no longer available" and only dead air is played whether playback via phone or speakers is selected.  This is a huge issue for our end users.
    Has anyone else experienced this or hav eany suggestions for a work around?
    I have tried assigning the mailbox access delegation role to an end user but this did not grant access via vewmail.
    Thanks
    Liz

    Hi Liz,
    This is expected behavior because VMO has certain dependencies mapped between users and messages, so when a different user tries to access the message, it can't find the mapping which is why you receive that message.  However, VMO 8.6(4) introduced the ability for this exact group mailbox access feature you're after.
    http://www.cisco.com/en/US/docs/voice_ip_comm/connection/vmo/release/notes/864cucvmorn.html#wp346504
    Hope that helps,
    Brad

  • Unity Connection 8.5(x), single inbox, and smartphones

    If the customer sets up the following environment:
    Unity Connection 8.5(x) WITH SECURE MESSAGING
    Single Inbox with Exchange 2010
    Customer has smartphones (blackberry, etc).
    We're trying to figure out if this is set up, will the smart phones be able to play the voicemail message or not?  Based on what I see, I'm thinking they may not, but would love to hear from someone with eyes and ears back in the BU.
    Cliff

    They would not be able to play the message. From the Unified Messaging Guide:
    To play secure Connection voice messages in the Exchange mailbox, users must use Microsoft Outlook and Cisco Unity Connection ViewMail for Microsoft Outlook. Without ViewMail for Outlook installed, users accessing secure voice messages see only text in the body of a decoy message; the text briefly explains secure messages.
    In other words, the Blackberry phones don't have ViewMail and can only see the decoy message.

  • Cisco support for Single Inbox Feature in Exchange 2003 for Unity Connection 8.5

    Hi There,
    Does Cisco support a Unity Connection 8.5 solution/design with the Single Inbox Feature (for Unified Messaging) configured with Exchange 2003, or does it support the Single Inbox feature on Exchange 2010 only?
    Thanks

    Thanks Anthony - I just found an updated doco that confirms that.

Maybe you are looking for

  • Ora-01704 string literal too long error  on long query syntax

    I have a query with more than 4000 characters. I can't seem to get ociparse to accept it. The bind variables are not an issue as I am not concatenating any strings to the query syntax. It is just that my query will all the columns and unions etc exce

  • Attachments not opening in Outlook 2013

    Hi, I have recently start using Outlook 2013 on a fresh machine with a new installation. From the very first day i am not able to open any attachments from my mail (by double clicking it). Thing is, it will start working fine once i saved it in my di

  • Group by + aggregate function / report

    Helloo, we have a report with following sql statment SELECT "SPREEDSHEET_TABLE"."SCHEMA_NAME" "SCHEMA_NAME", "SPREEDSHEET_TABLE"."DATABASE_NAME" "DATABASE_NAME", "SPREEDSHEET_TABLE"."SERVER_NAME" "SERVER_NAME" ,max(CURRENT_DATE) FROM pritesh.SPREEDSH

  • Help plzz in Enterprise installation errors

    hey guys ,everything i install the enterprise i got this after it finshed installation can anyone plz tell me what does this mean am new in java also there is somethin worng wen creating web apps prj as there is no design page found and the page temp

  • How to use iPod mini USB in car - manage playing

    I am getting reacqauinted with my iPod mini and see that I can play it in my car using the USB port, but can't seem to access the controls...it just displays do not disconnect. I turned the car off before I disconnected the iPod. Will appreciate any