Revised November 29, 2007
March 06, 2002
NOTICE:
THIS FIELD NOTICE HAS BEEN EXPIRED AND IS NO LONGER MAINTAINED OR UPDATED BY CISCO.
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE, WARRANTY OR SUPPORT. USE OF THE INFORMATION ON THIS FIELD NOTICE OR MATERIALS LINKED FROM THIS FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Products Affected
CallManager 3.1
Problem Description
Root cause for a CallManager memory leak has been determined and attributed to the failure of a user to properly authenticate when using CTI. This behavior is most commonly seen on CallManager systems immediately following the integration with a customer directory such as AD (Active Directory) or Netscape.
The most common cause in this scenario is that the WebAttendant user, CTIFW (CTI Framework), has not been configured with a valid password in the customer directory. Please note that this problem will occur even on Systems that do not utilize the Web Atetndant since the TCD service is always enabled by default. CCMAdmin->Global Directory and "Add a New User" pages stop working if CTIFW user is not configured or the CTI user's password is incorrect.
In addition, general TCP/IP connectivity issues and various other components such as RIS DC may also fail to function properly.
Problem Symptoms
If the CTIFW user is not configured or the password is incorrect, a TCP connection leak will occur.
After sometime the CCMAdmin->Global Directory and "Add a New User" page stops working. In addition, general TCP/IP connectivity issues and various other components such as RIS DC may also not function properly.
There are several indicators available in determining if this problem is at the root.
|
Tool |
Message |
|---|---|
|
Event Viewer |
Error: kCtiProviderOpenFailure - CTI application failed to open provider CTIconnectionId: 485 Login User Id: CtiFw ReasonCode: 2362179680 IPAddress: 172.21.12.44 App ID: Cisco CTIManager Cluster ID: JMTAO-CM2-Cluster Node ID: JMTAO-CM2 CTI Application ID: Cisco Telephony Call Dispatcher Process ID: 0 Process Name: CtiHandler Provider Name: CTI Framework Explanation: Application is unable to open provider. Recommended Action: Check the reason code and correct the problem. Restart CTIManager if problem persists.. |
|
Task Manager |
From the Task Manager select the "Processes" tab, click "View" and then "Select Columns..." Check "Handle Count" and click "OK" Click on the "Handles" column to sort by handles used. You will observe that the CTIManager.exe is consuming a large number of handles (> 500). |
|
DOS netstat |
Another diagnostic tool is to run "netstat -na" from a DOS command prompt on the CM server. A very large number of established connections to TCP port 389 if CallManager is integrated with AD or port 8404 when CallManager is integrated with DCD. |
Workaround/Solution
Configure the ctifw user by following the instructions at: /en/US/docs/voice_ip_comm/cucm/install/3_0/ad_3011.html#xtocid30717
|
Step |
Action |
|---|---|
|
1 |
Set the password for the user in the corporate directory using your standard user management tools. |
|
2 |
On a Cisco CallManager server, choose Start > Run and enter command to open a command prompt. Click OK |
|
3 |
Enter the command, Passwordutils ; for example, "passwordutils ciscocisco" |
|
4 |
The previous action generates an enccrypted password. Copy the password into the windows clipboard. |
|
5 |
Choose Start > Run |
|
6 |
Enter regedit into the Open Field and then click OK |
|
7 |
Browse to \\HKEY_LOCAL_MACHINE\Software\Cisco Systems, Inc.\Directory Configuration within the registry. |
|
8 |
Delete the value CTIFWPW and paste the encrypted password from Step 3 into the field. |
|
9 |
Restart the Cisco Telephony Call Dispatcher service by choosing Start > Programs > Administrative Tools > Services. Highlight the service in the list; right click on the service and then click Restart from the drop-down list. |
|
10 |
Repeat Step 2 through Step 9 for each Cisco CallManager server in the cluster. |
IMPORTANT: Please note that you must reboot the CM server in all cases to reset the established TCP connections and recover the lost memory.
Alternatively, if you are not using the Cisco WebAttendant and/or the Cisco Telephony Call Dispatcher Service, set it to "manual" or "disabled" from the "Services" control panel.
DDTS
To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.
|
DDTS |
Description |
|---|---|
|
CSCdv28302 (registered customers only) |
LDAP connectoin leak in CTI when user authentication fails |
Revision History
|
Revision |
Date |
Comment |
|---|---|---|
|
1.2 |
29-NOV-2007 |
Expired Field Notice |
|
1.1 |
29-NOV-2007 |
Reformat Document |
|
1.0 |
06-MAR-2002 |
Initial Public Release |
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.