Troubleshooting Guide for Cisco CallManager, Release 4.1(2) - Directory Issues [Cisco Unified Communications Manager (CallManager)]

Table Of Contents

Directory Issues

Replication Issues

DC Directory Stability

DCD Instability

Application Profiles Are Not Shown for User Configuration with the DC Directory

Add a New User Does Not Work and You Cannot Access the DC Directory Administrator

Schema Update Fails in Active Directory if Child domain is Down

Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages

Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database

Related Information

Directory Issues

This section covers the solutions for the most common issues related to a Cisco CallManager DC Directory (DCD), which uses a Lightweight Directory Access Protocol (LDAP) directory, and the Microsoft Active Directory (AD).

This section covers the following directory issues:

•DC Directory Stability

•Application Profiles Are Not Shown for User Configuration with the DC Directory

•Add a New User Does Not Work and You Cannot Access the DC Directory Administrator

•Schema Update Fails in Active Directory if Child domain is Down

•Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages

•Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database

If the following procedures do not solve your directory issues, contact TAC for a more detailed investigation.

Caution Using Katakana, Cyrillic, or other double-byte character sets with DC Directory, Netscape Directory, or Active Directory can cause directory database errors. This release of Cisco CallManager does not support using any double-byte character set with any directory.

For IP phone directory issues, refer to the following URL for detailed information:

http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/index.htm

Replication Issues

For replication issues, see Chapter 4 "Cisco CallManager System Issues," and the "Replication Fails Between the Publisher and the Subscriber" section.

DC Directory Stability

The DCD Instability procedure is valid for Cisco CallManager servers running versions 3.1(1) and later.

DCD Instability

Symptom
The following issues relate to the instability of the DCD:

•Cisco CallManager publisher server has correct user data and one or more Cisco CallManager subscriber servers either do not have user data or the user data is out of date with the Publisher's database.

•DC Directory Service on the Cisco CallManager publisher server takes a long time to start-up (appears to stall/hang on startup).

•DC Directory Replication errors are logged to the Cisco CallManager publisher and/or subscriber server(s) in the Application Event Viewer.

Possible Cause
Examination of C:\dcdsrvr\run\dcx500\dcx500.out shows duplicate and/or invalid replication agreements.

The presence of invalid replication agreements causes the DC Directory database (files in C:\dcdsrvr\run\dcx500\database) to grow extremely large (more than 100 MB), which results in the DC Directory taking much time to shut down and start up.

These duplicate and invalid agreements are caused by one of the following:

–The customer reinstalling the Cisco Customer Response Application (CRA) server (or a Cisco CallManager subscriber) one or more times (each reinstall of CRA server/Cisco CallManager server will cause the publisher to have a new replication agreement to the subscriber).

–Decommissioning an existing CRA server (or a Cisco CallManager subscriber) without performing the DC Directory reconfiguration procedure in the Cisco CallManager cluster.

Note When removing a directory node from a Cisco CallManager cluster, the DC Directory replication agreements to the removed subscriber are not automatically cleaned up.

–Manually running the avvid_scfg command on the subscriber more than once (for instance, a partial DC Directory reconfiguration procedure was attempted).

Note Never perform a partial DC Directory reconfiguration procedure, (for example, run avvid_scfg without a preceding cleandsa on the publisher and the CRA server and/or Cisco CallManager subscriber).

The root cause of the database growing to such large sizes is that DC Directory tries to save the state for each and every replication operation that it fails to perform. Over time, this saved state information for the invalid replication agreements causes the database to grow to several hundred MBs.

DcDirectory replication should not be confused with SQLServer replication. They are two completely independent processes.

If you perform a reinstallation of a Cisco CallManager subscriber or CRA server 2.2(4) and earlier or CRA server 3.0(1), you must perform the DC Directory reconfiguration procedure on all of the nodes in the cluster, including the standalone CRA servers, starting with the DC Directory publisher.

Recommended Action
While performing these tasks, it is required to be either directly at the console of the Media Convergence Server (MCS) servers, connected through a Keyboard/Video/Mouse (KVM) switch, or connected via Telnet to the servers. Performing these specific tasks while connected through a Terminal Services Client connection has not been fully tested and may produce unexpected results.

Note Cisco recommends that you schedule downtime to run the procedure.

The two steps involved are:

–Installation

–Reconfiguration

Installation

1. Download DCDScripts.1-0-5.exe from the Cisco CallManager Version 3.2 ( registered customers only) website.

Note This step is applicable only if you are running Cisco CallManager version 3.1(1) to version 3.3(2c). For Cisco CallManager 3.3(3) and later, a modified version of these scripts is installed along with Cisco CallManager. Thus, for Cisco CallManager 3.3(3) and later, do not download these scripts from CCO; instead proceed to the next installation step.

2. Copy and run DCDScripts.1-0-5.exe on all the nodes in the Cisco CallManager cluster and on the CRA/CRS application servers. Accept the default settings when prompted to do so and click Unzip.

Reconfiguration

There are two possible scenarios when you go to reconfigure your DC Directory after installation.

–The DC Directory database is larger than 100 Mb.

–The DCD database is less than 100 Mb.

Both procedures follow:

Reconfiguring DC Directory on Cisco CallManager Publisher (database more than 100 Mb)

These steps ensure that your user data in DC Directory on the publisher Cisco CallManager server is backed up in case of a failure during these steps or otherwise when the DC Directory database is larger than 100 Mb (C:\dcdsrvr\run\dcx500\database).

1. Backup your current directory information by either using the MCS backup utility or running the dcbckdib /y backup C:\dcdsrvr\backup command from a DOS command prompt.

Note The C:\dcdsrvr\backup folder must exist prior to running the preceding command.

2. On the Publisher server, while logged in as the Administrator, open a command prompt by selecting Start > Run and entering cmd.

3. Type the command avvid_migrate_save.cmd <servername><password> and press any key when prompted.

The output of this command will look similar to the following:
C:\>avvid_migrate_save jayas-w2k ciscocisco
A subdirectory or file C:\dcdsrvr\log already exists.
****************************************
*                                      *
* -- CISCO User Preferences Support -- *
*                                      *
****************************************
A subdirectory or file C:\dcdsrvr\suspense already exists.
Run the perl script avvid_migrate_save.pl
A subdirectory or file C:\dcdsrvr\log already exists.
A subdirectory or file 
C:\dcdsrvr\run\DCX500\config\Migration-Backup already
exi
sts.
Saving User Information...
Saving Profile Information...
Saving Apps20 Information...
Saving Admin Information...
Saving PA node Information...
Saving E911 node Information...
Saving systemProfile...
Saving MITRA data...
Saving Groups data...
C:\>
4. Stop the DC Directory service by entering net stop dcdirectory from the command prompt.

5. Run cleandsa.cmd or run deletedib.cmd if cleandsa.cmd reports that it is not supported.

6. Run avvid_migrate_cfg.exe. (Usage: avvid_migrate_cfg "<password>")

7. Run avvid_migrate_restore.cmd. (Usage: avvid_migrate_restore <Server Name> <DCDpassword>)

8. Run reconfig_cluster.cmd. (Usage: reconfig_cluster <DCDAdminPassword>)

This command establishes replication agreements to all Cisco CallManager subscribers; there is no need to perform any tasks on any of the Cisco CallManager subscribers.

Reconfiguring DC Directory on Cisco CallManager Publisher (database less than 100 Mb)

Use the following procedure to reconfigure DC Directory in the Cisco CallManager publisher when the DCD database is less than 100 Mb (C:\dcdsrvr\run\dcx500\database).

1. Run reconfig_cluster.cmd.

2. This command establishes replication agreements to all Cisco CallManager subscriber servers; no additional steps need to be performed on any of the Cisco CallManager subscribers.

Reconfiguring DC Directory on the CRA/CRS Server

Use the following procedure to reconfigure the DC Directory on the CRA/CRS server.

1. Stop DC Directory service.

2. Run cleandsa.cmd or run deletedib.cmd if cleandsa.cmd reports that it is not supported.

3. Run avvid_scfg.cmd. (Usage: reconfig_cluster <DCDAdminPassword>)

Note If the network has a single Cisco CallManager server with or without co-located CRA/CRS, run reconfig_cluster.cmd. In this case, do not run the steps listed for the Cisco CRA/CRS server.

Note If you upgrade, reinstall, or add a new Cisco CallManager server 3.2(2c) and earlier, or CRA 2.2(4) or earlier, and CRA 3.0(1), you must copy and run DCDScripts.1-0-5.exe as described in the installation section.

Verification

Use the following procedure to verify that the DCD is stable and efficiently running.

1. From Cisco CallManager Administration, choose
User > Global Directory.

2. Search for users.

Application Profiles Are Not Shown for User Configuration with the DC Directory

Symptom
When you are adding a user to the directory, the Application Profiles (such as AutoAttendant, Softphone, and Extension Mobility) do not display, and a user cannot be linked to those profiles.

Possible Cause
The Application Profiles were configured incorrectly.

Recommended Action
Use the following procedure to configure the application profile, so you can add or view users in the DC Directory.

1. Connect to the DC Directory Administrator.

2. Choose Directory > cisco.com > CCN.

3. Click systemProfile.

4. Right-click systemProfile and choose Properties.

5. Click the Application Install Status tab.

6. Check the values for the applications. If the values for "AA Installed," "Softphone Installed," "ASR Installed," and "Hotelling Installed" are blank, go to 7.

Otherwise, proceed to 11.

7. Choose Modify.

8. Change the values from true to false and those that are false to true.

9. Click Apply.

10. Click OK.

11. Repeat 4. and 5.

12. Click Modify.

13. All values should be visible.

14. Change the value of the installed applications to true.

15. Click Apply.

16. Click OK.

17. Click Services.

18. In the right panel, choose World Wide Web Publishing Service.

19. Click the Restart Service icon.

20. Repeat all steps for all servers in the cluster in which you experienced the problem.

Verification

The Application Profiles display in the DC Directory.

Add a New User Does Not Work and You Cannot Access the DC Directory Administrator

Symptom
You cannot add a user from Cisco CallManager Administration. Also, cannot log in to the DC Directory Administrator.

Adding a new user returns the following error.
Error Message    Sorry your session object has timed out. Click here 
to Begin a New search.
Searching for a new user results in the page refreshing and waiting for input.

Possible Cause
The Directory Manager user password contains special characters, such as "^".

Recommended Action
Use the following procedure to change the DC Directory password to one that does not contain special characters.

Note You must have superuser account privileges before you can change the DC Directory Manager password.

Note When you have a publisher server and one or more subscriber servers in a cluster, you must perform the steps in the following procedures on all Cisco CallManagers within the cluster.

1. From Cisco CallManager Administration, choose Start > Programs > DC Directory Administrator.

2. Click Next.

3. In the Password field, enter the default password, cisco, and click Finish.

The DC Directory Administrator window displays.

4. From the Tools menu, choose Change Password.

The Change User Password window appears.

5. In the Old Value field, enter cisco.

6. In the New Value field, enter a new password, without special characters.

7. In the Confirm New Value field, reenter your new password.

8. Click OK.

The DC Directory password is changed.

9. Continue with "Configuring the Windows Registry."

Cisco CallManager Administration also uses the Directory Manager account to perform add, remove, or update operations on the DC Directory LDAP server.

Configuring the Windows Registry

Use the following procedure to update the information that is stored in the registry to ensure that the registry is pointing to the correct directory.

1. Open a command line and enter c:\dcdsrvr\bin.

2. Enter the passwordutils.exe password.
passwordutils.exe password
3. Press Enter.

You need the Encrypted Password value information for the registry.

4. Choose Start > Run.

5. In the Open field, enter regedit.

The Registry Editor window displays.

6. Go to My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems, Inc.\Directory Configuration.

LDAPURL must point to the correct directory.
ldap://host:port
7. Double-click DCDMGRPW.

The Edit String window appears.

8. In the Value Data field, enter the Encrypted Password value that you obtained in step 3.

9. Click OK.

10. From the Registry Editor window, double-click MGRPW.

The Edit String window appears.

11. In the Value Data field, enter the Encrypted Password value that you obtained in step 3.

12. Click OK.

You have successfully changed the password in the registry.

Note After changing the registry entries, you must restart the WWW and IIS services on the Cisco CallManager node to pick up the latest settings from the registry.

13. Choose Control Panel > Administrative Tools.

14. Double-click Services.

The Services window displays.

15. Choose Worldwide Web Publishing Service.

16. Click Stop.

17. Click Start.

18. Choose DC Directory Server.

19. Click Stop.

20. Click Start.

If you use CRA 2.x that connects to the DC Directory, you must update the password in the Application Administration pages. Continue with "Reconfiguring the Directory Manager Password for CRA and E-services."

Reconfiguring the Directory Manager Password for CRA and E-services

If you use CRA 2.x that connects to the DC Directory, use the following procedure to update the password in the Application Administration pages.

1. Enter http://servername/AppAdmin where servername is the DNS name or IP address of your application server.

2. When prompted, enter the network user name and password.

3. Choose Directory Configuration.

The Directory Configuration window appears.

4. In the Directory Password field, enter your new password.

5. Click OK.

Verification

To verify that you successfully changed the Cisco CallManager DC Directory Manager password, use the following procedure.

1. From Cisco CallManager Administration, choose User > Global Directory.

The User Information window appears.

2. Click Search.

3. If you can view the users that are configured in the system, the configuration was successful.

If you cannot view the users that are configured in the system, verify the following information:

–The new password is effective: Log in to the DC Directory with the new password.

–The encrypted password was entered correctly into the registry.

–The directory is pointing to the correct directory and not another directory (such as AD or an old directory which could be empty).

–The Worldwide Web Publishing and DC Directory services are restarted and running after the restart.

Schema Update Fails in Active Directory if Child domain is Down

Symptom    Schema update fails in the two-domain Active Directory Forest setup with one child domain down.
Possible Cause    A child domain may have been disconnected from the network.
Recommended Action    When integrating Cisco CallManager with an Active Directory Forest, all the domains must be connected to the network. The Schema Master server must have access to all the domains in order for the schema update to be replicated across the forest.

Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages

Symptom    If the plugin to integrate Netscape Directory is run with an invalid SSL certificate, the user pages cannot be displayed.
Possible Cause    The plugin to integrate Netscape Directory is run with an invalid SSL certificate. For example, the ND server has a Subordinate Certification Authority Certificate when it should have a WebServer Certificate.
Recommended Action    Restart the Netscape Directory Service on the Netscape Directory machine. Then, run the plugin again to integrate Cisco CallManager with the Netscape Directory with a valid certificate.

Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database

Symptom    User Pages cannot be accessed with Netscape Directory integration over SSL.
Possible Cause    The CA certificate is not present in the certificate database.
Recommended Action    Copy the CA certificate to the certificate database and then run the plugin . If the Cisco CallManager (LDAP client) cannot determine who signed the Netscape Directory Server (LDAP Server) certificate, the connection to the Netscape Directory Server fails because the LDAP Client has no means of trusting the authenticity of the certificate.

Related Information

For directory installation and configuration information, go to the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_0/install

	Troubleshooting Guide for Cisco CallManager, Release 4.1(2)
	Directory Issues
Troubleshooting Guide for Cisco CallManager, Release 4.1(2) Index Preface Troubleshooting Overview Troubleshooting Tools Installation, Backup, and Restore Issues Cisco CallManager System Issues Directory Issues Device Issues Dial Plans and Routing Issues Cisco CallManager Services Issues Voice Messaging Issues Opening a Case With TAC Case Study: Troubleshooting Intracluster Phone Calls Case Study: Troubleshooting Cisco IP Phone-to-Cisco IOS Gateway Calls Case Study: Troubleshooting Intercluster Phone Calls	Download this chapter Directory Issues Download the complete book PDF of the entire book (PDF - 3 MB) Feedback Table Of Contents Directory Issues Replication Issues DC Directory Stability DCD Instability Application Profiles Are Not Shown for User Configuration with the DC Directory Add a New User Does Not Work and You Cannot Access the DC Directory Administrator Schema Update Fails in Active Directory if Child domain is Down Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database Related Information Directory Issues This section covers the solutions for the most common issues related to a Cisco CallManager DC Directory (DCD), which uses a Lightweight Directory Access Protocol (LDAP) directory, and the Microsoft Active Directory (AD). This section covers the following directory issues: •DC Directory Stability •Application Profiles Are Not Shown for User Configuration with the DC Directory •Add a New User Does Not Work and You Cannot Access the DC Directory Administrator •Schema Update Fails in Active Directory if Child domain is Down •Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages •Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database If the following procedures do not solve your directory issues, contact TAC for a more detailed investigation. Caution Using Katakana, Cyrillic, or other double-byte character sets with DC Directory, Netscape Directory, or Active Directory can cause directory database errors. This release of Cisco CallManager does not support using any double-byte character set with any directory. For IP phone directory issues, refer to the following URL for detailed information: http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/index.htm Replication Issues For replication issues, see Chapter 4 "Cisco CallManager System Issues," and the "Replication Fails Between the Publisher and the Subscriber" section. DC Directory Stability The DCD Instability procedure is valid for Cisco CallManager servers running versions 3.1(1) and later. DCD Instability Symptom The following issues relate to the instability of the DCD: •Cisco CallManager publisher server has correct user data and one or more Cisco CallManager subscriber servers either do not have user data or the user data is out of date with the Publisher's database. •DC Directory Service on the Cisco CallManager publisher server takes a long time to start-up (appears to stall/hang on startup). •DC Directory Replication errors are logged to the Cisco CallManager publisher and/or subscriber server(s) in the Application Event Viewer. Possible Cause Examination of C:\dcdsrvr\run\dcx500\dcx500.out shows duplicate and/or invalid replication agreements. The presence of invalid replication agreements causes the DC Directory database (files in C:\dcdsrvr\run\dcx500\database) to grow extremely large (more than 100 MB), which results in the DC Directory taking much time to shut down and start up. These duplicate and invalid agreements are caused by one of the following: –The customer reinstalling the Cisco Customer Response Application (CRA) server (or a Cisco CallManager subscriber) one or more times (each reinstall of CRA server/Cisco CallManager server will cause the publisher to have a new replication agreement to the subscriber). –Decommissioning an existing CRA server (or a Cisco CallManager subscriber) without performing the DC Directory reconfiguration procedure in the Cisco CallManager cluster. Note When removing a directory node from a Cisco CallManager cluster, the DC Directory replication agreements to the removed subscriber are not automatically cleaned up. –Manually running the avvid_scfg command on the subscriber more than once (for instance, a partial DC Directory reconfiguration procedure was attempted). Note Never perform a partial DC Directory reconfiguration procedure, (for example, run avvid_scfg without a preceding cleandsa on the publisher and the CRA server and/or Cisco CallManager subscriber). The root cause of the database growing to such large sizes is that DC Directory tries to save the state for each and every replication operation that it fails to perform. Over time, this saved state information for the invalid replication agreements causes the database to grow to several hundred MBs. DcDirectory replication should not be confused with SQLServer replication. They are two completely independent processes. If you perform a reinstallation of a Cisco CallManager subscriber or CRA server 2.2(4) and earlier or CRA server 3.0(1), you must perform the DC Directory reconfiguration procedure on all of the nodes in the cluster, including the standalone CRA servers, starting with the DC Directory publisher. Recommended Action While performing these tasks, it is required to be either directly at the console of the Media Convergence Server (MCS) servers, connected through a Keyboard/Video/Mouse (KVM) switch, or connected via Telnet to the servers. Performing these specific tasks while connected through a Terminal Services Client connection has not been fully tested and may produce unexpected results. Note Cisco recommends that you schedule downtime to run the procedure. The two steps involved are: –Installation –Reconfiguration Installation 1. Download DCDScripts.1-0-5.exe from the Cisco CallManager Version 3.2 ( registered customers only) website. Note This step is applicable only if you are running Cisco CallManager version 3.1(1) to version 3.3(2c). For Cisco CallManager 3.3(3) and later, a modified version of these scripts is installed along with Cisco CallManager. Thus, for Cisco CallManager 3.3(3) and later, do not download these scripts from CCO; instead proceed to the next installation step. 2. Copy and run DCDScripts.1-0-5.exe on all the nodes in the Cisco CallManager cluster and on the CRA/CRS application servers. Accept the default settings when prompted to do so and click Unzip. Reconfiguration There are two possible scenarios when you go to reconfigure your DC Directory after installation. –The DC Directory database is larger than 100 Mb. –The DCD database is less than 100 Mb. Both procedures follow: Reconfiguring DC Directory on Cisco CallManager Publisher (database more than 100 Mb) These steps ensure that your user data in DC Directory on the publisher Cisco CallManager server is backed up in case of a failure during these steps or otherwise when the DC Directory database is larger than 100 Mb (C:\dcdsrvr\run\dcx500\database). 1. Backup your current directory information by either using the MCS backup utility or running the dcbckdib /y backup C:\dcdsrvr\backup command from a DOS command prompt. Note The C:\dcdsrvr\backup folder must exist prior to running the preceding command. 2. On the Publisher server, while logged in as the Administrator, open a command prompt by selecting Start > Run and entering cmd. 3. Type the command avvid_migrate_save.cmd <servername><password> and press any key when prompted. The output of this command will look similar to the following: C:\>avvid_migrate_save jayas-w2k ciscocisco A subdirectory or file C:\dcdsrvr\log already exists. **************************************** * * * -- CISCO User Preferences Support -- * * * ************************************** A subdirectory or file C:\dcdsrvr\suspense already exists. Run the perl script avvid_migrate_save.pl A subdirectory or file C:\dcdsrvr\log already exists. A subdirectory or file C:\dcdsrvr\run\DCX500\config\Migration-Backup already exi sts. Saving User Information... Saving Profile Information... Saving Apps20 Information... Saving Admin Information... Saving PA node Information... Saving E911 node Information... Saving systemProfile... Saving MITRA data... Saving Groups data... C:\> 4. Stop the DC Directory service by entering net stop dcdirectory from the command prompt. 5. Run cleandsa.cmd or run deletedib.cmd if cleandsa.cmd reports that it is not supported. 6. Run avvid_migrate_cfg.exe. (Usage: avvid_migrate_cfg "<password>") 7. Run avvid_migrate_restore.cmd. (Usage: avvid_migrate_restore <Server Name> <DCDpassword>) 8. Run reconfig_cluster.cmd. (Usage: reconfig_cluster <DCDAdminPassword>) This command establishes replication agreements to all Cisco CallManager subscribers; there is no need to perform any tasks on any of the Cisco CallManager subscribers. Reconfiguring DC Directory on Cisco CallManager Publisher (database less than 100 Mb) Use the following procedure to reconfigure DC Directory in the Cisco CallManager publisher when the DCD database is less than 100 Mb (C:\dcdsrvr\run\dcx500\database). 1. Run reconfig_cluster.cmd. 2. This command establishes replication agreements to all Cisco CallManager subscriber servers; no additional steps need to be performed on any of the Cisco CallManager subscribers. Reconfiguring DC Directory on the CRA/CRS Server Use the following procedure to reconfigure the DC Directory on the CRA/CRS server. 1. Stop DC Directory service. 2. Run cleandsa.cmd or run deletedib.cmd if cleandsa.cmd reports that it is not supported. 3. Run avvid_scfg.cmd. (Usage: reconfig_cluster <DCDAdminPassword>) Note If the network has a single Cisco CallManager server with or without co-located CRA/CRS, run reconfig_cluster.cmd. In this case, do not run the steps listed for the Cisco CRA/CRS server. Note If you upgrade, reinstall, or add a new Cisco CallManager server 3.2(2c) and earlier, or CRA 2.2(4) or earlier, and CRA 3.0(1), you must copy and run DCDScripts.1-0-5.exe as described in the installation section. Verification Use the following procedure to verify that the DCD is stable and efficiently running. 1. From Cisco CallManager Administration, choose User > Global Directory. 2. Search for users. Application Profiles Are Not Shown for User Configuration with the DC Directory Symptom When you are adding a user to the directory, the Application Profiles (such as AutoAttendant, Softphone, and Extension Mobility) do not display, and a user cannot be linked to those profiles. Possible Cause The Application Profiles were configured incorrectly. Recommended Action Use the following procedure to configure the application profile, so you can add or view users in the DC Directory. 1. Connect to the DC Directory Administrator. 2. Choose Directory > cisco.com > CCN. 3. Click systemProfile. 4. Right-click systemProfile and choose Properties. 5. Click the Application Install Status tab. 6. Check the values for the applications. If the values for "AA Installed," "Softphone Installed," "ASR Installed," and "Hotelling Installed" are blank, go to 7. Otherwise, proceed to 11. 7. Choose Modify. 8. Change the values from true to false and those that are false to true. 9. Click Apply. 10. Click OK. 11. Repeat 4. and 5. 12. Click Modify. 13. All values should be visible. 14. Change the value of the installed applications to true. 15. Click Apply. 16. Click OK. 17. Click Services. 18. In the right panel, choose World Wide Web Publishing Service. 19. Click the Restart Service icon. 20. Repeat all steps for all servers in the cluster in which you experienced the problem. Verification The Application Profiles display in the DC Directory. Add a New User Does Not Work and You Cannot Access the DC Directory Administrator Symptom You cannot add a user from Cisco CallManager Administration. Also, cannot log in to the DC Directory Administrator. Adding a new user returns the following error. Error Message Sorry your session object has timed out. Click here to Begin a New search. Searching for a new user results in the page refreshing and waiting for input. Possible Cause The Directory Manager user password contains special characters, such as "^". Recommended Action Use the following procedure to change the DC Directory password to one that does not contain special characters. Note You must have superuser account privileges before you can change the DC Directory Manager password. Note When you have a publisher server and one or more subscriber servers in a cluster, you must perform the steps in the following procedures on all Cisco CallManagers within the cluster. 1. From Cisco CallManager Administration, choose Start > Programs > DC Directory Administrator. 2. Click Next. 3. In the Password field, enter the default password, cisco, and click Finish. The DC Directory Administrator window displays. 4. From the Tools menu, choose Change Password*. The Change User Password window appears. 5. In the Old Value field, enter cisco. 6. In the New Value field, enter a new password, without special characters. 7. In the Confirm New Value field, reenter your new password. 8. Click OK. The DC Directory password is changed. 9. Continue with "Configuring the Windows Registry." Cisco CallManager Administration also uses the Directory Manager account to perform add, remove, or update operations on the DC Directory LDAP server. Configuring the Windows Registry Use the following procedure to update the information that is stored in the registry to ensure that the registry is pointing to the correct directory. 1. Open a command line and enter c:\dcdsrvr\bin. 2. Enter the passwordutils.exe password. passwordutils.exe password* 3. Press Enter. You need the Encrypted Password value information for the registry. 4. Choose Start > Run. 5. In the Open field, enter regedit. The Registry Editor window displays. 6. Go to My Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems, Inc.\Directory Configuration. LDAPURL must point to the correct directory. ldap://host:port 7. Double-click DCDMGRPW. The Edit String window appears. 8. In the Value Data field, enter the Encrypted Password value that you obtained in step 3. 9. Click OK. 10. From the Registry Editor window, double-click MGRPW. The Edit String window appears. 11. In the Value Data field, enter the Encrypted Password value that you obtained in step 3. 12. Click OK. You have successfully changed the password in the registry. Note After changing the registry entries, you must restart the WWW and IIS services on the Cisco CallManager node to pick up the latest settings from the registry. 13. Choose Control Panel > Administrative Tools. 14. Double-click Services. The Services window displays. 15. Choose Worldwide Web Publishing Service. 16. Click Stop. 17. Click Start. 18. Choose DC Directory Server. 19. Click Stop. 20. Click Start. If you use CRA 2.x that connects to the DC Directory, you must update the password in the Application Administration pages. Continue with "Reconfiguring the Directory Manager Password for CRA and E-services." Reconfiguring the Directory Manager Password for CRA and E-services If you use CRA 2.x that connects to the DC Directory, use the following procedure to update the password in the Application Administration pages. 1. Enter http://servername/AppAdmin where servername is the DNS name or IP address of your application server. 2. When prompted, enter the network user name and password. 3. Choose Directory Configuration. The Directory Configuration window appears. 4. In the Directory Password field, enter your new password. 5. Click OK. Verification To verify that you successfully changed the Cisco CallManager DC Directory Manager password, use the following procedure. 1. From Cisco CallManager Administration, choose User > Global Directory. The User Information window appears. 2. Click Search. 3. If you can view the users that are configured in the system, the configuration was successful. If you cannot view the users that are configured in the system, verify the following information: –The new password is effective: Log in to the DC Directory with the new password. –The encrypted password was entered correctly into the registry. –The directory is pointing to the correct directory and not another directory (such as AD or an old directory which could be empty). –The Worldwide Web Publishing and DC Directory services are restarted and running after the restart. Schema Update Fails in Active Directory if Child domain is Down Symptom Schema update fails in the two-domain Active Directory Forest setup with one child domain down. Possible Cause A child domain may have been disconnected from the network. Recommended Action When integrating Cisco CallManager with an Active Directory Forest, all the domains must be connected to the network. The Schema Master server must have access to all the domains in order for the schema update to be replicated across the forest. Netscape Directory Plugin Over SSL Fails After Failure in Accessing the User Pages Symptom If the plugin to integrate Netscape Directory is run with an invalid SSL certificate, the user pages cannot be displayed. Possible Cause The plugin to integrate Netscape Directory is run with an invalid SSL certificate. For example, the ND server has a Subordinate Certification Authority Certificate when it should have a WebServer Certificate. Recommended Action Restart the Netscape Directory Service on the Netscape Directory machine. Then, run the plugin again to integrate Cisco CallManager with the Netscape Directory with a valid certificate. Netscape Directory Integration Using LDAP over SSL requires CA Certificate in Database Symptom User Pages cannot be accessed with Netscape Directory integration over SSL. Possible Cause The CA certificate is not present in the certificate database. Recommended Action Copy the CA certificate to the certificate database and then run the plugin . If the Cisco CallManager (LDAP client) cannot determine who signed the Netscape Directory Server (LDAP Server) certificate, the connection to the Netscape Directory Server fails because the LDAP Client has no means of trusting the authenticity of the certificate. Related Information For directory installation and configuration information, go to the following URL: http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_0/install
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks