Cisco Unity Connection (CUC) Media Master Issue

Last month, I came across a problem in CUC when I tried to upload new greeting record. Firstly I thought it was probably based on wrong file format. But after I checked it, I understood the file format was not the source of my problem.


So I gave it some time to resolve it and then I saw it was originated from JAVA !!
I will write down the steps that I used to resolve my issue, respectively.

Close all of the browsers

– Verify that all processes are cleared in Task Manager [Ctrl+Shift+Escape]] or type in the search start menu “view running processes with Task Manager”; you should not see any processes like specified below.

* firefox.exe
* iexplore.exe
* chrome.exe

Remove existing Java that is installed

– uninstall Java 6,7,8
– delete all the sub-folders in “C:\Program Files\Java” or “C:\Program Files (x86)\Java”
– clear cache and browser history
– download Java from the official site – 1.7.0_71

Windows x86 Offline 28.09 MB jre-7u71-windows-i586.exe


– run install file as Administrator
– verify that Java is installed successfully

Disable Java security

– after Java installation type “Configure Java” at the Windows search start menu and you will see similar output to the below.


Clear temporary files in the Java



Set the security level and exceptions

– Security Level = Medium
– Exception site list. Add the CUC sites for PUB and SUB. Edit Site List.


Disable security verification in Java

Mixed code disabled = DISABLE VER
Perform certificate revocation checks = Do not check
Advanced security settings = ALL

Permit access for CUC nodes to local Java modules by editing java policy file

– open “C:\Program Files\Java\jre7\lib\security\java.policy” as administrator
– open “C:\Program Files (x86)\Java\jre7\lib\security\java.policy” as administrator

– after a line below
permission “localhost:0”, “listen”;

– add lines below and then save a file
permission “”, “connect,resolve”;
permission “”, “connect,resolve”;
permission “”, “connect,resolve”;
permission “”, “connect,resolve”;

Verify Java is running and enabled on Mozilla

In the example I used Java v7u67. Verify Java v7u67 is running and enabled on Mozilla. You should see “Java(TM) Platform SE 7 U65” or different version. JDK (Java Deployment Kit) is not required.


– open Mozilla as administrator
– clear cache and browser history
– verify that Java IMMApplet starts
– you will see at least Java logo below and maybe some security warnings

If instantly you will see some error message then it means that Java is not enabled for this browser. Error message next is really common one – “Init MMApplet Instance Failed To Get Instance”. Make sure that Java was installed with browser process not running in the background.



CUCM Secondary Node(Subscriber,CUPS) Installation Problem

You may come across a problem installing a secondary node for cucm such as the subscriber node or CUPS. You check and try&try again. You probably don’t see any mistake but couldn’t pass this step.



Solution: If every credential is correct, I mean publisher cucm hostname, ip address, security password, dns settings, etc. , you added the new nodes to the publisher and then the problem is mostly originated from not being restarted publisher at least one time after you installed. One time restart of CUCM Publisher will solve the problem.



CUCM LDAP Connection Problem || Error while connecting to ldap://ip-address:389, null

Last week, one of my customers has changed their domain controller infrastructure and so ldap server ip address has been changed basically. I’m  not only synchronizing the phone users over this ldap server, but also managing user authentications from it. After that, they send me the new ldap server ip address and I tried to synchronize users over the ldap server.

The problem started at this point. This system was working perfectly so long time but I cannot make ldap initiating.

It gave an error like this:

Error while connection to ldap://ip-address:389, null


It seems like ldap server can’t let me make lookup. So I did these steps:

  • Tried changing admin password,
  • Tried these formats:
    • username@domain.local,
    • DOMAIN\username
    • Full canonical name(cn=username, ou=users, dc=domain, dc=local)
  • Tried changing admin account’s credentials (it was under domain admin group, also added to administrators group),
  • Tried another admin account,
  • Tried another search base,
  • Tried with/without ldap custom filter

Nothing solved my problem.

By the way, I was able to connect successfully by ( C:\ telnet LDAP-SERVER-IP 389).
Also I can verify myself as I could make a lookup but no answer came back from ldap server by writing username or password wrong.



So, to define whether I can access successfully LDAP server or not, I tried a 3rd party LDAP browser software named “Softerra LDAP Browser”.


It says “A stronger authentication method is required for this server.”

After a quick search, I found nothing to resolve my issue clearly on cisco support and configuration webpages. But, I found an issue effected websense. I basically apply this solution to my case, then everything was perfect both synchronization and authentication.


It says we need to change Domain controller: LDAP server signing requirements to NONE and Network security:LDAP client signing requirements to NEGOTIATE.







I hope this would be helpful and informative for you. If you encounter this, I firstly suggest you to check all those above steps under the first picture.

PS: I also opened a TAC case and an engineer investigated the problem. He said “this is a server issue and you should forward this to your server administrator or solve yourself.”