cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8283
Views
0
Helpful
1
Replies

Cisco CUCM 10.5 - LDAP auth & CTI

Hi!

Maybe someone can confirm this:

When changing LDAP auth user search base DN in CUCM 10.5.2 this results in loss of CTI functionality in Cisco Jabber 10.6.x, when logging into Jabber after the change has been made.

Changing LDAP auth user search base DN back to its original value and restarting Cisco Jabber will make CTI work again.

More detailed information:

We are about to set up a new site office or more precise: a new subsidiary company. This subsidiary company will be located outside of the current search base in our AD.

Current user search base for LDAP authentication is:

OU=User,OU=company_DE,DC=company,DC=de

The new location would be:

DC=company,DC=de

After this change has been made, the user is still able to login in Cisco Jabber as well as in CUCM Self Care site. I take this as confirmation that authentication is working with that new LDAP auth user search base.

The problem is: when the users will sign into their Cisco Jabber client at next opportunity, they will experience that CTI will not work anymore. The users are listed as "Active LDAP Synchronized User".

The corresponding error in Cisco Jabber is:


Deskphone - Unhealthy

Status: Not connected

Protocol: CTI

Reason:Connection error. Ensure the server information in the Phone Services tab on the Options window is correct. Contact your system administrator for assistance.

When changing search base DN back to its original setting, CTI is working again when the user is logging in again.

This behaviour is reproducible and it doesn't matter whether you restart CTI Manager in Serviceability or not.

My undestanding, however, is: changing the user search base DN for LDAP auth to a higher entry should not affect CTI at all. The user DN should remain the same, which is confirmed by users being able to login in Cisco Jabber as well as in CUCM itself, for example the self care portal.

Is there a workaround possible? Or even a solution?

1 Accepted Solution

Accepted Solutions

I've crossposted this to supportforums.cisco.com:

Cisco CUCM 10.5 - LDAP auth & CTI | Other Collaboration, Voice, and Video Subjects | Cisco Support Community | 5791 | 12…

You may want to follow up there...

UPDATE 2015-03-16: currently there's no quick solution for that problem as the bind request is denied by the LDAP server. You can find the outcoming of a TAC engineer at the supportforum discussion as well.

View solution in original post

1 Reply 1

I've crossposted this to supportforums.cisco.com:

Cisco CUCM 10.5 - LDAP auth & CTI | Other Collaboration, Voice, and Video Subjects | Cisco Support Community | 5791 | 12…

You may want to follow up there...

UPDATE 2015-03-16: currently there's no quick solution for that problem as the bind request is denied by the LDAP server. You can find the outcoming of a TAC engineer at the supportforum discussion as well.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: