Call Manager 5.0 AD Sync

Unanswered Question
Oct 30th, 2007

Call Manager 5.0 has a garbage process that kicks off to clean up inactive users. It seems that this process runs either every other day or once every three to four days. Has anyone found a way to increase this to run every day? I can't seem to find anything on this. I

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
kelvin.blair Tue, 10/30/2007 - 06:16

I found this in the SRND Guide..After the synchronization is completed, any accounts that were not set to active are permanently deleted from Unified CM when the garbage collection process runs. Garbage collection is a process that runs automatically at the fixed time of 3:15 AM, and it is not configurable. The deletion of Unified CM accounts that do not match LDAP directory accounts is necessary because Unified CM cannot manage accounts while synchronization is configured.

It seems that it takes a couple of days for those inactive users to disappears even though the above states it runs at 3:15.. Has any one experienced this problem?

kelvin.blair Tue, 10/30/2007 - 06:38

Ok.. I see where the problem is.. I missed this in the SRND guide. I wish we can change this 24 hour period on accounts. Here is the SRND statement on how LDAP sync works:

At 8:00 AM on January 1, an account is disabled or deleted in AD. From this time and during the whole period A, password authentication (for example, Unified CM User Options page) will fail for this user because Unified CM redirects authentication to AD. However, PIN authentication (for example, Extension Mobility login) will still succeed because the PIN is stored in the Unified CM database.

2. The periodic re-synchronization is scheduled for 11:00 PM on January 1. During that process, Unified CM will verify all accounts. Any accounts that have been disabled or deleted from AD will at that time be tagged in the Unified CM database as inactive. After 11:00 PM on January 1, when the account is marked inactive, both the PIN and password authentication by Unified CM will fail.

3. Garbage collection of accounts occurs daily at the fixed time of 3:15 AM. This process permanently deletes user information from the Unified CM database for any record that has been marked inactive for over 24 hours. In this example, the garbage collection that runs at 3:15 AM on January 2 does not delete the account because it has not been inactive for 24 hours yet, so the account is deleted at 3:15 AM on January 3. At that point, the user data is permanently deleted from Unified CM.


This Discussion