Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2034
Views
4
Helpful
23
Replies

Your username or password is not correct Jabber & Self Care Portal

Go to solution
dfmg
Level 1
Level 1

‎03-01-2024 07:29 AM

I have two users who are getting the "Your username or password is not correct" with Jabber and the Self Care Portal, despite verify that their credentials are correct.

For both of them:
The CUCM Service Profile has all of the required Services such including IMP.

The Service Profile is assigned to the user on the End User account.

On the End-User account all of the Service Settings boxes are checked including the Home Cluster checkbox.

The user is the Owner on the CSF Device configuration page, and the device is in the Controlled Devices of the user.

The DN on the Jabber client is listed as the Primary Extension on the End User account.

We are using AD Sync, and their AD account works fine.  I've attached the log file for one of the users.

 

 

Labels:
Preview file
592 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dfmg
Level 1
Level 1

‎03-19-2024 05:09 AM

The issue for us is now resolved after our sys admin restarted the XCP Connection Manager and XCP Authentication Service on IMP nodes and restarted Cisco User Data Services on the CUCM Publisher and Subscriber.

View solution in original post

23 Replies 23

Go to solution
Maren Mahoney
VIP
VIP

‎03-01-2024 07:44 AM

Are both users in the Standard CCM End Users Access Control Group? (And should probably also be in the Standard CTI Enabled group, but not a requirement.) I don't see that in your list.

Maren

0 Helpful

Go to solution
dfmg
Level 1
Level 1

‎03-01-2024 07:54 AM

Hello Maren,
Thank you for your quick response.

Yes, they are in both the Standard CCM End Users Access Control Group, as well as the Standard CTI Enabled group.

0 Helpful

Go to solution
Maren Mahoney
VIP
VIP
In response to dfmg

‎03-01-2024 08:10 AM

Try unticking the box for IMP in their End User account, to see if they will register as SIP end points to CUCM without IMP services. If I'm reading the log right, the IMP config may be the issue. Regardless, it will help us narrow down the issue.

Let us know what happens. Also, would you be able to post the settings for the jabber-config.xml UC Service for these endpoints?

Maren

Go to solution
dfmg
Level 1
Level 1

‎03-01-2024 09:09 AM

Hello Maren,

I unticked the box for IMP in their account, but it did not register as SIP endpoint.

I'm still trying to figure out how to get the jabber-config.xml, I looked online, but the instructions seem like they are for a newer version of CUCM, and we have version 10.5.2.18900-15.

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to dfmg

‎03-01-2024 09:39 AM

You download the Jabber XML file from the TFTP server(s) in your CM cluster.



Response Signature


0 Helpful

Go to solution
dfmg
Level 1
Level 1
In response to Roger Kallberg

‎03-01-2024 10:08 AM

Thanks Roger, 

I'll see if I can find someone on my end who has access to or TFTP servers.  

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to dfmg

‎03-01-2024 10:18 AM

Don’t you have access to the webUI of the CM?



Response Signature


0 Helpful

Go to solution
dfmg
Level 1
Level 1
In response to Roger Kallberg

‎03-01-2024 10:47 AM

I do have access to the CUCM web UI.

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to dfmg

‎03-01-2024 11:19 AM

Okay, then you can access the TFTP files on the OS administration webUI



Response Signature


0 Helpful

Go to solution
dfmg
Level 1
Level 1
In response to Roger Kallberg

‎03-01-2024 11:42 AM

Hi Roger,

Unfortunately, I do not have access to Cisco Unified OS Administration, only Cisco Unified CM Administration.

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to dfmg

‎03-01-2024 11:59 AM

What roles do you have assigned to your end user account in CM? Also do you use SSO?



Response Signature


0 Helpful

Go to solution
Ibrahim AlQumairi
Level 1
Level 1

‎03-01-2024 10:23 AM

Maybe the are converted to be local users, try to delete one of the users and add it again from the LDAP.

0 Helpful

Go to solution
Carlo Poggiarelli
VIP
VIP

‎03-02-2024 02:16 PM

Hi,

Please check if the AD base search is the same for both directory and authentication or if those user rely on that group.

On authentication instead of 389 standard ldap port try to use global catalogue port 3268.

 

HTH

 

Regards

 

Carlo

 

 

Please rate all helpful posts "The more you help the more you learn"
0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Carlo Poggiarelli

‎03-02-2024 11:34 PM

AFAIK the ports you listed are for unsecured communications with AD/LDAP. That’s from what I know not applicable anymore since Microsoft made policy changes to not allow unsecured communications to AD/LDAP. There are very good documentation on cisco.com on how to setup secure communication for the LDAP synchronisation with AD in CM. Very shortly it uses other ports, 636 for regular domain controllers and  3269 for global catalog and requires certificate(s) to form the SSL connection. If you’re using internally sourced CA signed certificates in CM those are likely originated from the same CA as the certificates used in the AD system, so then there would be no need to upload any additional certificates to the trust store in CM.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents