本文档介绍如何对统一消息服务和统一消息帐户进行故障排除。Cisco Unity Connection 8.5版及更高版本支持单收件箱(SIB),也称为统一消息传送。在8.5版之前的版本中,Unity Connection只能接受语音邮件,并能将语音邮件转发到外部电子邮件地址。
Cisco 建议您了解以下主题:
本文档中的信息基于以下软件和硬件版本:
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。
SIB是Cisco Unity Connection 8.5版中的统一消息传送功能之一,可同步Connection和Exchange邮箱中的语音消息。当用户启用SIB时,发送给用户的所有连接语音消息(包括从Cisco Unity Connection VMO发送的语音消息)首先存储在Connection中,并立即复制到用户的Exchange邮箱。此外,状态更改(例如,从未读到已读)、对主题行的更改和对优先级的更改会从Connection复制到Exchange,反之亦然。当读取邮件时,邮件等待指示器(MWI)关闭 — 通过电话或电子邮件客户端。
有关如何配置SIB的信息,请参阅配置Cisco Unity Connection 8.5及更高版本和Exchange for Unified Messaging的任务列表。
必须在Unity Connection上为SIB配置以下两个主要部分:
本节提供用于对统一消息服务和统一消息帐户进行故障排除的提示。
问题:场景 1
在统一消息服务下,如果选择了指定Exchange服务器而不是搜索Exchange服务器,则测试成功。如果选择了搜索Exchange服务器,则单击页面上的“测试”按钮时会显示此错误:
Searching the network Failed to locate a Domain Controller via DNS.
Searching the network Failed to locate an Exchange 2003 server.
Connection will not be able to Locate Exchange 2003 subscribers.
以下是Tomcat日志示例(设置CsExMbxLocator微跟踪,10-13级):
CsExMbxLocator,13,AutoDiscoverURLS not found in cache
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:331]:
Run DNS query for: _ldap._tcp.dc._msdcs.xxx.xxx
CsExMbxLocator,13,[CsExMbxLocator/CCsDNSResolver.cpp:168]:
querying dns for _ldap._tcp.dc._msdcs.xxx.xxx question type 33
CsExMbxLocator,13,[CsExMbxLocator/CCsDNSResolver.cpp:186]
Length of returned DNS response is -1
CsExMbxLocator,10,[CsExMbxLocator/CCsDNSResolver.cpp:190]
failed to get dns results for _ldap._tcp.dc._msdcs.xxx.xxx question type 33
CsExMbxLocator,11,[CsExMbxLocator/CsExMbxLocator.cpp:359]:
DNS query for: _ldap._tcp.dc._msdcs.xxx.xxx didn't return results
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192]
Test Button result: Failed to locate a Domain Controller via DNS.
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192]
Test Button result: Failed to locate an Exchange 2003 server.
Connection will not be able to Locate Exchange 2003 subscribers.
CsExMbxLocator,11,Failed to find DC required for 2003 support
有关其他故障排除步骤,请参阅Cisco Bug ID CSCtq10780和授予Cisco Unity Connection 8.5及更高版本(仅限Exchange 2003)的统一消息服务帐户权限。
问题:场景 2
单击页面上的Test按钮时显示此错误:
Could not connect to Domain Controller (dc1.xxx.xxx) from DNS
Could not connect to Domain Controller (dc2.xxx.xxx) from DNS
Could not connect to Domain Controller (dc3.xxx.xxx) from DNS
以下是Tomcat日志示例(设置CsExMbxLocator微跟踪,10-13级):
CsExMbxLocator,10,LDAP initialize non-SSL Return Code (0)
CsExMbxLocator,10,LDAP authentication bind failed: INVALID_CREDENTIALS
CsExMbxLocator,10,CCsLDAPHelper::Init():exit AUTH_NOT_INITIALIZED
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192] Test Button result:
Could not connect to Domain Controller (dc1.xxx.xxx) from DNS
解决方案
此问题可能是由于Unity Connection中输入的密码已过期或密码不正确(帐户在Active Directory中锁定)而导致的。 要解决此问题,请在Active Directory中更改密码,然后在Unity Connection中再次输入。
问题:场景 3
单击页面上的Test按钮时显示此错误:
Searching the network Could not connect to Domain Controller (dc1.xxx.xxx) from DNS
Searching the network Could not connect to Domain Controller (dc2.xxx.xxx) from DNS
Searching the network Failed to locate a Domain Controller via DNS.
Searching the network Failed connected to Exchange CAS server at
(https://xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Failed connected to Exchange CAS server at
(https://autodiscover.xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Could not find an Exchange CAS server via Autodiscover
DNS SRV record
Searching the network Failed to locate an Exchange CAS server. Connection will
not be able to Locate Exchange 2007/2010 subscribers.
可能的解决方案
从日志中,可以看到类似的跟踪条目,如场景2中所述。如果Unity Connection无法连接到域控制器,则问题很可能是密码不正确。如果Unity Connection能够连接到域控制器并仍然收到其余错误,请选中场景5。
以下是Tomcat日志示例(设置CsExMbxLocator微跟踪,级别10-13):
CsExMbxLocator,10,[CsExMbxLocator/CsExMbxLocator.cpp:1173]:
HTTP request failed with error: Couldn't connect to server
-- couldn't connect to host, HTTP status code: 503, for
Autodiscovery URL: http://autodiscover.xxxxxxxxx.xxx/
autodiscover/autodiscover.xml, verb: GET, query:
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192]
Test Button result: Failed connected to Exchange CAS
server at (http://autodiscover.xxxxxxxxx.xxx/autodiscover/autodiscover.xml)
CsExMbxLocator,13,[CsExMbxLocator/CCsDNSResolver.cpp:168]:
querying dns for_autodiscover._tcp.xxxxxxxxx.xxx question type 33
CsExMbxLocator,13,[CsExMbxLocator/CCsDNSResolver.cpp:186]
Length of returned DNS response is -1
CsExMbxLocator,10,[CsExMbxLocator/CCsDNSResolver.cpp:190]
failed to get dns results for_autodiscover._tcp.xxxxxxxxx.xxx
question type 33
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192]
Test Button result: Could not find an Exchange CAS server via
Autodiscover DNS SRV record
CsExMbxLocator,11,[CsExMbxLocator/CsExMbxLocator.cpp:636]:
DNS query for: _autodiscover._tcp.xxxxxxxxx.xxx didn't return results
CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192]
Test Button result: Failed to locate an Exchange CAS server.
Connection will not be able to Locate Exchange 2007/2010 subscribers.
如果在日志中看到这些跟踪,请导航至Unified Messaging > Unified Messaging Services > Exchange Servers > Search for Exchange Servers > Active Directory DNS Domain Name,并确保域名正确。
问题:场景 4
单击页面上的Test按钮时显示此错误:
Peer certificate cannot be authenticated with known CA certificates
- SSL certification problem, verify that the CA cert is OK.
Details: error:14090086SL routinesSL3_GET_SERVER_CERTIFICATE:
certificate verify failed
证书可以成功上传到Connection-Trust;但是,当您将同一证书上传到Tomcat-Trust时,会收到此错误:
Error reading the certificate
可能的解决方案
Root Certificate
----------------------
Here the Issuer Name and Subject Name will be the same.
Issuer Name: CN=ABC, OU=XXXX, OU=XXX, O=XXXXX, C=XX
Validity From: Tue Nov 07 16:00:00 PST 2006
To: Wed Jul 16 16:59:59 PDT 2036
Subject Name: CN=ABC, OU=XXXX, OU=XXX, O=XXXXX, C=XX
Intermediate Certificate
----------------------------
Here the Issuer Name will be that of the Root Certificate and Suject
Name will have information about the Intermediate Certificate.
Issuer Name: CN=ABC, OU=XXXX, OU=XXX, O=XXXXX, C=XX
Validity From: Sun Feb 07 16:00:00 PST 2010
To: Fri Feb 07 15:59:59 PST 2020
Subject Name: CN=XYZ, OU=XXXXXXXXXXXXXXXXX, OU=XXXXXXXXXXXXXXX,
O=XXXXXXXX, C=XX
Server Certificate
--------------------------
Here the Issuer name will be that of the Intermediate certificate and the
Subject Name will contain information about the Exchange server
Issuer Name: CN=XYZ, OU=XXXXXXXXXXXXXXXXX, OU=XXXXXXXXXXXXXXX,
O=XXXXXXXX, C=XX
Validity From: Thu Aug 01 17:00:00 PDT 2013
To: Thu Aug 17 16:59:59 PDT 2017
Subject Name: CN=mail.abc.lab, OU=XXXX, OU=XX, O=XXXXXXX, L=XXXX, ST=XXXX, C=XX
问题:方案 5
单击页面上的Test按钮时显示此错误:
Searching the network Successfully connected to Domain Controller (dc1.xxx.xxx)
from DNS
Searching the network Could not connect to Exchange CAS server
(https://EX2010-1.xxx.xxx/Autodiscover/Autodiscover.xml) from Active Directory
Searching the network Could not find an Exchange CAS server via Active Directory
Searching the network Successfully connected to Exchange 2003 server (EX2003.xxx.xxx)
from Active Directory
Searching the network Failed connected to Exchange CAS server at
(https://xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Failed connected to Exchange CAS server at
(https://autodiscover.xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Could not find an Exchange CAS server via Autodiscover DNS
SRV record
Searching the network Failed to locate an Exchange CAS server. Connection will not be able
to Locate Exchange 2007/2010 subscribers.
可能的解决方案
检查Exchange 2010中央身份验证服务(CAS)是否设置为需要HTTPS,以及Exchange 2003服务器是否设置为仅HTTP。设置CAS以允许HTTP或HTTPS。
下面是类似的场景:
Searching the network Successfully connected to Domain Controller (dc1.xxx.xxx)
from DNS
Searching the network Could not connect to Exchange CAS server
(https://EX2010-1.xxx.xxx/Autodiscover/Autodiscover.xml) from Active Directory
Searching the network Could not find an Exchange CAS server via Active Directory
Searching the network Failed to locate an Exchange 2003 server. Connection will
not be able to locate Exchange 2003 subscribers.
Searching the network Failed connected to Exchange CAS server at
(https://xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Failed connected to Exchange CAS server at
(https://autodiscover.xxx.xxx/autodiscover/autodiscover.xml)
Searching the network Could not find an Exchange CAS server via Autodiscover DNS
SRV record
Searching the network Failed to locate an Exchange CAS server. Connection will
not be able to Locate Exchange 2007/2010 subscribers.
可能的解决方案
问题:方案 6
单击页面上的Test按钮时显示此错误:
Could not connect to Exchange 2003 server (ncacn_ip_tcp:
<exchangemailboxserver1.example.com>) from Active Directory
Could not connect to Exchange 2003 server (ncacn_ip_tcp:
<exchangemailboxserver2.example.com>) from Active Directory
Could not connect to Exchange 2003 server (ncacn_ip_tcp:
<exchangemailboxserver3.example.com>) from Active Directory
有关其他故障排除步骤,请参阅Cisco Bug ID CSCto35509。
问题:场景 1
单击页面上的Test按钮时显示此错误:
The system failed to perform an IMAP operation.
Refer to other warnings and errors generated by the tool, and check the Tomcat
log file for details.
The system failed while trying to make an API call.
以下是示例CuImapSvr日志(设置CuImapSvr Micro Trace — 所有级别):
CML,19,Connection attempt to IMAP server at
{10.xxx.xxx.xx:143/imap/notls/user="xxx/um/TestUser"}INBOX failed.
CML,19,E_CML_IMAP_CONNECT_FAILED (0x80046410)
Connection failed on IMAP request. Logged from HRESULT
CCsCmlImapDriver::ExecuteRequest(TCsAutoPtr<CCsCmlImapRequest>&)
in CsCml/CsCmlImapDriver.cpp at line 355.
CML,19,E_CML_IMAP_CONNECT_FAILED (0x80046410)
Unable to count messages using search-term ALL on
imapfolder[login={10.xxx.xxx.xx:143/imap/notls/user="xxx/um/TestUser"}INBOX]
in imapmbx[store=10.xxx.xxx.xx login=xxx/um/TestUser in
session[id=5 alias=TestUser].
Logged from virtual HRESULT
CCsCmlImapFolder::GetMessageCount(const CCsCmlSearchTerm&, int&) in
CsCml/CsCmlImapFolder.cpp at line 258.
CML,11,E_CML_IMAP_CONNECT_FAILED (0x80046410) Unable to get a message
count from the External inbox for subscriber TestUser. Logged from HRESULT
<unnamed>::VerifyMailbox(CCsCdlSubscriber&, CCsCmlMailbox&) in
CsCml/CsCmlSession.cpp at line 486.
可能的解决方案
问题:场景 2
单击页面上的Test按钮时显示此错误:
The system failed to perform a typical calendar operation.
可能的解决方案
问题:场景 3
单击页面上的Test按钮时显示此错误:
Failed accessing xxx@ayz.com Diagnostic=[Timeout was reached --
operation timed out after 1000 milliseconds with 0 bytes recieved]
可能的解决方案
问题:场景 4
单击页面上的Test按钮时显示此错误:
Failed accessing xxx@ayz.com Diagnostic=[] Verb =[] url=[] request=[] response[]
可能的解决方案
日志示例:
HTTP request failed with error: Bad response from server, HTTP code returned:
401, HTTP status code: 401
日志示例:
HTTP request failed with error: Couldn't connect to server -- couldn't connect
to host, HTTP status code: 503
问题:方案 5
单击页面上的Test按钮时显示此错误:
The error is error:0200206F:system library:connect:Connection refused.
Refer to the tomcat log
以下是示例Tomcat日志:
HTTP 503 ERRORS:
HTTP request failed with error: Couldn't connect to server --
couldn't connect to host, HTTP status code: 503, for ews
URL: https://xxxxxxxx.outlook.com/EWS/Exchange.ASMX, verb: POST
HTTP 401 ERRORS:
HTTP request failed with error: Bad response from server, HTTP code returned:
401, HTTP status code: 401, for ews URL:
https://xxxxxxxxxx.outlook.com/EWS/Exchange.ASMX, verb: POST
HTTP 404 ERRORS:
HTTP request failed with error: Bad response from server, HTTP code returned:
404, HTTP status code: 404, for Autodiscovery URL:
https://xxxx.com/autodiscover/autodiscover.xml, verb: GET, query:
可能的解决方案
问题:方案 6
单击页面上的Test按钮时显示此错误:
Diagnostic=[SSL connect error -- error:1408F119:SSL routines:SSL3_GET_RECORD:
decryption failed or bad record mac] Verb=[POST]
解决方案
这是由于证书损坏。从“操作系统管理”页重新生成tomcat.pem证书。重新启动Tomcat服务。
错误代码
以下是您可能会遇到的一些错误代码:
Log Name: Application
Source: MSExchange Web Services
Date: 9/7/2013 7:59:16 PM
Event ID: 24
Task Category: Core
Level: Error
Keywords: Classic
User: N/A
Computer: XXX.XXXXXXXXX.com
Description:
The Exchange certificate [Subject]
CN=XXX.XXXXXXXXX.com, OU=XXXXXXXXX, OU=XX, O=XXXXXXXXXXXX, L=XXXXXX,
S=XXXXXXX, C=XX
[Issuer]
CN=XXXXXXXXXXX, OU=XXXXXXXXXXX, OU=XXXXXXXXX, O=XXXXXXXXX, C=XX
[Serial Number]
XXXXXXXXXXXXXXXXXXXXXXXXX
[Not Before]
8/9/2012 5:00:00 PM
[Not After]
8/17/2013 4:59:59 PM
[Thumbprint]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
expired on 8/17/2013 4:59:59 PM.
本文档还提及其中一些错误代码:单个收件箱不适用于与统一消息服务关联的用户。
如果Exchange服务器响应缓慢,请增加Cisco Unity Connection中等待响应的时间(以秒为单位)(在“系统设置”>“高级”>“统一消息服务”)。
其他问题
在统一消息帐户和统一消息服务页面上的测试均成功的情况下,请启用以下跟踪:
问题:场景
配置Unity Connection以与Exchange 2003连接。
这来自日志:
01:10:20.300 |6549,mail.xxxxxx.com,{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx},
CsWebDav,14,[CsWebDav/CsWebDavMbxClient.cpp:3340]: HTTP Status code: 500,
WEBDAV response headers: HTTP/1.1 500 Internal Server Error
这来自Exchange日志:
Event ID: 9667
Type: Error
Category: General
Source: msgidNamedPropsQuotaError
Description: Failed to create a new named property for database "<databasename>"
because the number of named properties reached the quota limit (<configured quota>).
User attempting to create the named property: <user name>. Named property
GUID: <GUID of named property>.
Named property name/id: <name of named property>.
解决方案
当安装了邮箱服务器角色的Exchange服务器上的数据库接近或达到命名属性或副本标识符的最大限制时,将记录这些事件。
要解决此问题,需要更改注册表,如本Microsoft Technet文章 — 如何配置命名属性和副本标识符配额中所述。
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\
<ServerName>\<Database Type-GUID>
更改DWORD - NonMAPI命名的道具配额值。它通常设置为8,192。将此值修改为16,384。
有关此方面的详细信息,请参阅以下文档:
版本 | 发布日期 | 备注 |
---|---|---|
1.0 |
12-Mar-2015 |
初始版本 |