I have a customer attempting to change the voicemail PIN of a user through the CUPI API. They noticed that this fails if the mailbox has been given a Role such as User or System Administrator. The error returned is:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ErrorDetails> <errors> <code>IMS_ERROR</code> <DetailCode>1030</DetailCode> </errors> </ErrorDetails>
Is it expected that CUPI cannot modify privileged accounts? I suspect the answer is 'no' since this same API can also grant users those same roles. Is this a bug or are we missing an extra step for modifying privileged accounts?
For reference, this is being observed on Unity Connection version 22.214.171.12400-21. Here is the URL, headers, and body. I'm able to readily reproduce this through Postman.
PUT URL: https://<connection-server>/vmrest/users/<user-objectid>/credential/pin Headers: Content-Type: application/xml Authorization: Basic [redacted] Body: <?xml version="1.0" encoding="UTF-8"?> <Credential> <Credentials>050917</Credentials> </Credential>
The password change and password setting modification for User PIN/Web application should be provisioned on Publisher server in Active-Active mode. If the user has sys admin roles, then he can perform those CUPI interface. Are you saying that a regular user can grant sys admin role to himself?