Guest

Preview Tool

Cisco Bug: CSCvv80752 - Unified Messaging with Office 365 using Oauth 2.0 requires Azure Portal login with Admin User

Last Modified

Sep 25, 2020

Products (1)

  • Cisco Unity Connection

Known Affected Releases

11.5 12.5

Description (partial)

Symptom:
> Unified Messaging Service test for Office 365 fails with
*********************************************************************
The validation results for unified messaging service Office_365 are the following: 		Service "Office_365": AuthenticationMode=[OAuth2] [use HTTPS/no-validate] 
																						Search Domain=[outlook.office365.com] Site=[.] Types=[Exchange 2007 or above] [use LDAP] Username=[UMS SERVICE ACCOUNT]

Searching the network 		Failed to locate a Domain Controller via DNS.
Searching the network 		Failed connected to Exchange CAS server at (https://outlook.office365.com/autodiscover/autodiscover.xml)
Searching the network 		Failed connected to Exchange CAS server at (https://autodiscover.outlook.office365.com/autodiscover/autodiscover.xml)
Searching the network 		Failed connected to Exchange CAS server at (https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml)
Searching the network 		Failed connected to Exchange CAS server at (http://autodiscover.outlook.office365.com/autodiscover/autodiscover.xml)
Searching the network 		Could not find an Exchange CAS server via Autodiscover DNS SRV record
Searching the network 		Failed to locate an Exchange CAS server. Connection will not be able to Locate Exchange subscribers.
							This test does not test all aspects of the configuration of the service. To complete testing, add a unified messaging account for a user and test the account using the Test button on the Edit Unified Messaging Account page. 	
*********************************************************************

>> Connection Tomcat Application Logs show that failure is due to HTTP 401 responses from O365

*********************************************************************
12:23:33.787 |4031,,,CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:1300]: HTTP request: GET / https://outlook.office365.com/autodiscover/autodiscover.xml / 
12:23:33.857 |4031,,,CsExMbxLocator,10,[CsExMbxLocator/CsExMbxLocator.cpp:1471]: HTTP request failed with error: Bad response from server, HTTP code returned: 401, HTTP status code: 401, for Autodiscovery URL: https://outlook.office365.com/autodiscover/autodiscover.xml, verb: GET, query: 
*********************************************************************

>> AZURE portal tshooting
portal.azure.com > login > click on Azure Active Directory > Users > search for UMS account > click on user > Activity > Sign-Ins.

Here you may see a sign in attempt with status = "Interrupted".  When clicking on details, you may see failure reason:
The user or adminstrator has not consented to use the application with ID... Send an interactive authorization request for this user and resource
NOTE: the Application ID should be same as unity configured app ID on UMS config page

Conditions:
Unifed Messaging Service pointing to Office 365
Web Auth = Oauth 2.0
Using documentation:
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/connection/12x/unified_messaging/b_12xcucumgx/b_12xcucumgx_chapter_01.html#ID-2370-000005f5
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.