LDAP authentication enabled. UpdateCredential failure

Version 1
    This document was generated from CDN thread

    Created by: Greg Dirst on 05-02-2010 02:11:37 PM
    Hi,
     
    I am using the CUPI API to integrate the Unity system into our existing password reset application suite. I am almost there and having difficulty getting past this last issue.
     
    I am making two calls to the API. The first one to get the object id for a user which works fine in our test environment. The second one does two things; reset the user's PIN and unlock the account. The unlock appears to be working so it seems the second call is received, but just not liked much for the reset.
     
    I get an HTTP status of 400 and the below error from the API...
    <?xml version="1.0" encoding="UTF-8" standalone="yes"?><ErrorDetails><errors><code>IMS_ERROR</code><message>LDAP authentication enabled. UpdateCredential failure</message></errors></ErrorDetails> 
     
    I am just the developer and cannot pretend to understand how this thing is configured, what security they are using (I assume LDAP :-/ ).
     
    Here is what the first call looks like to CUPI to get the account details...

    [url=https://fully qualified url/vmrest/users?query=(alias is V8QP)]https://fully qualified url/vmrest/users?query=(alias is V8QP)

     
    After extracting the info from the response XML from CUPI I format the second call URL And XML for the reset.
     
    Here is what the second call looks like to CUPI to do the reset...
    https://fully qualified URL/vmrest/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/credential/password
     

    <Credential><UserObjectId>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</UserObjectId><CredentialType>4</CredentialType><Credentials>12344321</Credentials><Locked>0</Locked></Credential>

     
    After I send the second request I get the error I stated above. The odd part is that the user's logon attempt field is always reset to 0 on the server. So I concluded the request is making it fine from a developer standpoint, but not sure why the reset isn't occurring.
     
    The documentation indicates the password might need to be encrypted?
     
    Thank you!

    Subject: RE: LDAP authentication enabled. UpdateCredential failure
    Replied by: Matt Allen on 05-02-2010 04:38:51 PM
    We are using LDAP import/authentication, but we're trying to reset the Voicemail PIN (the PIN is not imported from AD) - not the password.  Per the XML schema is looks like Connection Type of 4 = pin.
     
     

    Subject: RE: LDAP authentication enabled. UpdateCredential failure
    Replied by: David Wanagel on 05-02-2010 04:01:07 PM
    Based on the error you are getting, I would suspect that the users are imported from an LDAP directory server.  Connection does not have write access to the LDAP server, so any calls to reset or unlock should fail.  If you want to change the credential status in any way for a user that originated from an LDAP directory server, you will need to communicate with the directory server directly,
     
    -Dave

    Subject: RE: LDAP authentication enabled. UpdateCredential failure
    Replied by: Greg Dirst on 05-02-2010 05:20:33 PM
    We are using LDAP import/authentication, but we're trying to reset the Voicemail PIN (the PIN is not imported from AD) - not the password.  Per the XML schema is looks like Connection Type of 4 = pin.
     
     



    Thanks for replying with this information. I am passing a 4 in the credential type which I assumed doesn't need LDAP??

    Subject: RE: LDAP authentication enabled. UpdateCredential failure
    Replied by: Matthew Penning on 05-02-2010 06:12:52 PM
    Hi - for PIN you actually need a different URL:
     
    https://fully qualified URL/vmrest/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/credential/pin
     

    Subject: RE: LDAP authentication enabled. UpdateCredential failure
    Replied by: Greg Dirst on 05-02-2010 07:00:11 PM
    Hi - for PIN you actually need a different URL:
     
    https://fully qualified URL/vmrest/users/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/credential/pin
     


    Thank you! This solved the error I was getting.