Product Guides
LDAP lookup without LDAP integration in Call Manager
My company has a product that can use LDAP queries to search for a users directory phone number in LDAP databases and transfer them as text messages to our SIP based WIFI and IP-DECT phones or to applications like SMS to GSM, to a PC-WEB Page, email etc..
We tested this against CCM 4.2 and used the following settings which will search the default Embedded LDAP server.
LDAP Server address: A.B.C.D
Port Number: 8404
Simple Authentiation
Username: cn=Directory Manager,o=xyz.com
Password: *****
Search Base DN ou=users,o=xyz.com
Number Attribute: telephoneNumber
Type of Name Attribute separate for first and family name
Name attribute: given namn + sn
This does not work with CCM 5 or CCM 6.
It this caused by a change in the SW, that repalced the DC Embedded server by the IBM database?
Is it possible to retreive LDAP information from the IBM database and what then is the correct settings for user account, port and search criteria?
We do not want to integrate with AD or SUN-Netscape which we already know works fine.
Cheers,
Martin
Trainer at Ascom Wireless
Expert's answerIf the embedded database server was replaced with an external database then you would need to adjust your settings to communicate with the external database rather than looking for the embedded database that is no longer there. To determine what settings to use with the external database you would consult the documentation and/or the system administrator that set up the LDAP database to find out which IP address, port number and query format to use. |
More things to try
Since your application worked with CCM 4.2 and has stopped working with either CCM 5 or 6, you may have run up against a major change that Cisco implemented when making a significant rev of CCM. Make sure that the Windows Firewall is disabled when doing your testing. With Cisco having made a change, it is entirely possible that they may be listing on a different port than what the firewall was configured for when you started.
Going with what Steve suggested, I would suggest that you either install Wireshark on the system running your application or on a separate machine positioned on the network where it can see the traffic between both systems using either a span port or network tap. I prefer to have Wireshark running on a separate machine so that I don't accidentally make changes to a machine involved in the test. Run your tests with Wireshark running to see if any respond is coming back from CCM or possible an error that your application either isnt seeing or responding to.
Make sure that you are applying the Windows patches released/tested by Cisco and not downloaded from the Microsoft; sometimes Microsoft patches can cause strange problems.
Anyone who has deal with applications, from Cisco or other companies, will acknowledge that the answer you are looking for isn't always in the publicly available documentation. This is where becoming a member of the Cisco Technology Developer Program might be a good thing to consider doing. You should be able to get access to developer related documention which could help you identify the cause or fix for the problem. If you don't find it in the developer related documentation, you should be able to get access to Cisco Developer Support without having to pay a heafty per call charge.
Hi Guys thanks for all the
Hi Guys thanks for all the ideas but this dis not help or answered my question. I have tried everything you already mentioned.
The reason I published the Q was the following information copied from Dennis Hartmans new CIPT1 book.
-------------
The local Cisco Unified CM database is a Lightweight Directory Access Protocol (LDAP)-compliant
database (LDAPv3) component in the IBM Informix Database Server (IDS).
Cisco Unified CM database Versions 5.0 and later leverages the IBM Informix Dynamic Server (IDS) to store all configuration data, including the user database.
Versions earlier than 5.0 use a Microsoft SQL server database for most configuration information, while user information is stored in the DC Directory server. DC Directory and the IBM IDS are LDAP-compliant databases.
-----------
Question still that needs to be answered.
If the IDS is LDAP Compliant can it be reach with a LDAP query?
CUCM 6
Unfortunately, I think "LDAP-compliant" in this case means that it can be authenticated via LDAP. I looked over the documentation for IDS and the only place LDAP was mentioned is in the Authentication section.
So, for those of us seeking a solution, we're relegated to implementing our own LDAP solution, then having CUCM point to it...or I'm looking into some way to get the XML directory data from CUCM directly, just like the phones do it.
Follwup to your question
I did a little more digging and found an IBM Redbook that shed a little more lite into your situation. The only references I found indicated the LDAP support is just for authentication. I havent been able to find anything else to say otherwise.
You have two options at this point. The first is to call IBM Support and ask this same question. I suspect that since the database is being shipped by Cisco, they could very well refer you to Cisco since some changes may have been made that would prevent or cause problems with trying to use LDAP for other than authentication purposes.
If you do elect to talk to Cisco, you very well may have to escalate your situation to either 2nd or 3rd level support to get to someone who will understand what you are looking for. You may very well end up with the answer but it not being a supported use but from reading your message, I dont think that will be a problem for you. You are just looking for an answer.
Post new comment