Solved

Cisco Unity Connection 8.6.2 SSO & Exchange 2003 Configuration

Posted on 2013-06-27
9
390 Views
Last Modified: 2014-12-13
Hi All,

Would you be kind enough to provide guidance for the following issue, which I have,
currently run out of Ideas for trouble shooting & resolving this issue.
.  
I required assistance getting Exchange 2003 working with Cisco Unity connection
Single Inbox Is not Working for Users Associated with a Unified Messaging Service Account

I require a method to test exchange to ensure the exchange configuration is correct.

The unified messaging account configured in exchange I believe is configured correctly,
as I have check the unity configuration with a customer's working solution, unfortunately
I do  not have access to their Microsoft exchange server.

If I run a test on Unity connection for the unified messaging account, the test is successful, however if I run the test for the unified messaging account under the configured voice mail user, the test fails with the following error below.
 
I think the issue is with my exchange server, but I don't know how to confirm my exchange 2003 settings in IIS and Exchange system manager are ok.

Please note I am able to send and receive email internally & externally and OWA works internally and externally.

I also have a Asterisk PBX with Voicemail integration which is configured to send voicemail message as an attachment  to my exchange account. which seems really simple in comparison, although the Asterisk in not configured to sync with Exchange.

On the Asterisk server all I need to do is configure Asterisk for Remote SMTP Delivery. The Extension is configured to send voicemail to my Exchange email account account using my email address and pointed to the SMTP exchange server IP address.  

Within Unity Connection 8.6.2 I get the following error when testing the unified messaging user account on Unity connection.

Error Issue

Failed accessing XXXXXX.XXXXXX@company.NET on 192.168.1.41

Details

HTTP status=[440] diagnostic=[Bad response from server, HTTP code returned: 440] url=[https://192.168.1.41/exchange/XXXXXX.XXXXXX@company.NET] request=[<?xml version="1.0"?> <D:propfind xmlns:D="DAV:" xmlns:fh="urn:schemas:httpmail:" xmlns:h="http://schemas.microsoft.com/repl/"> <D:prop> <fh:msgfolderroot/> </D:prop> </D:propfind> ] response=[<HTML><BODY>440 Login Timeout</BODY></HTML>]
CUC-Unified.txt
0
Comment
Question by:august263
  • 5
  • 2
9 Comments
 
LVL 9

Expert Comment

by:bharrington83
Comment Utility
Did you set up the send as / receive as permission for the given user properly, granting it to Unity@yourdomain.local?
0
 

Author Comment

by:august263
Comment Utility
Hi bharrington83,


Yes the send and receive as + Administer information Store is the allowed permissions.
0
 

Author Comment

by:august263
Comment Utility
Hi,

The User has an email account and is able to send and receive mail for the domain in question. When you refer to "send as / receive as permission " would you be kind enough to elaborate, should the end user account be configured to a similar vain as the unified Service account?

Regards



August263
0
 
LVL 9

Expert Comment

by:bharrington83
Comment Utility
You need to grand SendAs/ReceiveAs in active directory for the unity user.  Right click on the user in question and grant those permission to your unity worker account.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:august263
Comment Utility
Apparently there are issues with Unity Connection & Exchange 2003 configured for Form based Authentication, there is a Micosoft knowledge base article which explains how to turn off Form Based Routing & configure a Another Exchange Virtual Server "Exchange-OMA"
without SSL. The article is related to OWA Active Sync, not sure if it is relevant, however it does refer to disabling Form Based Authentication.  

Form Based Authentication & Exchange ActiveSync Returned an HTTP 500 Error

I have followed the steps and now I'm hitting the HTTP 500 error as oppose to the Previous error Http Status [440]
Form-Based-Authentication-Proble.docx
0
 

Author Comment

by:august263
Comment Utility
Please note I have checked the Send and receive permissions for the user in question,
however I found the option under the Active directory user profile, by right clicking Properties and selecting the security Tab.

If I highlight the Administrator under Group or user names, send and receive is checked for this particular user. The user happens to be an administrator.

Please see attached image.


Thanks again.
AD-USER.png
0
 

Author Comment

by:august263
Comment Utility
Hi All,

I believe the issue is server related configuration although I'm not sure what the issue is.
From Cisco Unity connection a test of the users account can be initiated and the error I'm hitting relates to HTTP 500 error.  see below:

Failed accessing joe.bloggs@company.net on 192.168.1.41

Some possible reasons for 401: Incorrect service account name or password. Service account password expired. Proper permissions not granted to service account. Exchange mailbox uninitialized. HTTP status=[401 Unauthorized] diagnostic=[Bad response from server, HTTP code returned: 401] url=[https://192.168.1.41/exchange/joe.bloggs@company.net] request=[<?xml version="1.0"?> <D:propfind xmlns:D="DAV:" xmlns:fh="urn:schemas:httpmail:" xmlns:h="http://schemas.microsoft.com/repl/"> <D:prop> <fh:msgfolderroot/> </D:prop> </D:propfind> ] response=[<html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>]  

Thankyou
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
Comment Utility
Okay - I'm not sure about the Cisco side of things, but if we can get the rest of Exchange / IIS settings working, then it may follow suit!

Please have a read through my article to get Activesync working, then once that works and you don't get the HTTP 500 errors any more, you may have more luck with the Unity side of the equation.

My article:
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html

The exchange-oma is an essential additional if you have Forms-Based Authentication enabled as it adds a virtual directory using port 80, which is required for activesync to communicate properly.

Alan
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now