Mailing List Archive

I haven't used it, so here's what I think I know on the topic.

This is actually a CUCM feature, which let's clients still use UDS, but as
a proxy for LDAP searches. So the UDS messaging still goes from Jabber
through MRA (supported), and then once it hits CUCM, the CUCM converts the
UDS message into an LDAP query, followed by converting whatever response it
receives from LDAP into a UDS response back through MRA to the Jabber
client.

The reason you likely couldn't find info on it, is because it's not a
Jabber nor MRA feature, rather it's a CUCM 11.5 feature.

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab11/collab11/directry.html#69687


https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/11_5_1/cucm_b_release-notes-cucm-imp-1151/cucm_b_release-notes-cucm-imp-1151_chapter_010.html#CUCM_RF_O11063F0_00




On Wed, Nov 13, 2019 at 12:38 PM Lelio Fulgenzi <lelio@uoguelph.ca> wrote:

>
> OK, I remember there was talk about enabling LDAP contact search over MRA
> using some sort of special proxy or redirect.
>
> Did that ever happen?
>
> I can't seem to find reference to it in the feature or parameters guide.
>
> We want our user experience to be the same across devices and whether they
> are on-prem or off-prem, so this eliminates any solution that doesn't
> transcend all scenarios.
>
> Right now, contact searches are done to the AD server that our system is
> integrated with via UDS. Problem is, our AD server is not authoritative for
> our phone directory, our LDAP server is.
>
> I was hoping for an easy fix to perform non-authenticated LDAP lookups for
> all scenarios.
>
> Thoughts?
>
>
> ---
> Lelio Fulgenzi, B.A. | Senior Analyst
> Computing and Communications Services | University of Guelph
> Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON |
> N1G 2W1
> 519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>
>
> www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram,
> Twitter and Facebook
>
> [University of Guelph Cornerstone with Improve Life tagline]
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>

Thanks Anthony. I did find it and found that, for some reason, they put a restriction on the LDAP search using the LDAP system definition. Argh.

Our directory (for sync) and authentication is AD based. So the LDAP system definition is AD based with sAMAccountName.

As a result, the Search uses the following mapping which is not editable: userID = sAMAccountName.

I don’t understand why they would impose that restriction. Many EDUs have _both_ AD and (native) LDAP servers out there. I want to use my corporate LDAP server (which does not have sAMAccountName) for phone lookups.

Double Argh.


---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

From: Anthony Holloway <avholloway+cisco-voip@gmail.com>
Sent: Wednesday, November 13, 2019 2:29 PM
To: Lelio Fulgenzi <lelio@uoguelph.ca>
Cc: voyp list, cisco-voip (cisco-voip@puck.nether.net) <cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] Jabber with LDAP contact search over MRA

I haven't used it, so here's what I think I know on the topic.

This is actually a CUCM feature, which let's clients still use UDS, but as a proxy for LDAP searches. So the UDS messaging still goes from Jabber through MRA (supported), and then once it hits CUCM, the CUCM converts the UDS message into an LDAP query, followed by converting whatever response it receives from LDAP into a UDS response back through MRA to the Jabber client.

The reason you likely couldn't find info on it, is because it's not a Jabber nor MRA feature, rather it's a CUCM 11.5 feature.

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab11/collab11/directry.html#69687

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/11_5_1/cucm_b_release-notes-cucm-imp-1151/cucm_b_release-notes-cucm-imp-1151_chapter_010.html#CUCM_RF_O11063F0_00



On Wed, Nov 13, 2019 at 12:38 PM Lelio Fulgenzi <lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>> wrote:

OK, I remember there was talk about enabling LDAP contact search over MRA using some sort of special proxy or redirect.

Did that ever happen?

I can't seem to find reference to it in the feature or parameters guide.

We want our user experience to be the same across devices and whether they are on-prem or off-prem, so this eliminates any solution that doesn't transcend all scenarios.

Right now, contact searches are done to the AD server that our system is integrated with via UDS. Problem is, our AD server is not authoritative for our phone directory, our LDAP server is.

I was hoping for an easy fix to perform non-authenticated LDAP lookups for all scenarios.

Thoughts?


---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca><mailto:lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs><http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip