12-13-2007 02:10 PM - edited 03-15-2019 07:46 AM
The account used for CCM LDAP to AD integration has been deleted since
the user is no longer employed. Our security will not allow the new account "DCD ADMIN" to
have domain admin access, but they have granted the appropriate rights to make things work
- they say. When I run the LDAP integation tool, I'm receiving the error "Please ensure
that the registry entry for SCHEMA UPDATE ALLOWED is set to 1". This setting is set
correctly.
Since the original LDAP account has been deleted, I can no longer associate users to
devices.
12-20-2007 12:45 PM
- Set up a new account specifically for the CallManager.
- Make this a member of builtin\Administrators and Schema Admins.
- Re-run the Directory Configuration plugin.
Creating the Schema Update Allowed Registry for AD 2003:
12-20-2007 01:16 PM
Unfortunately, our corporate policy does not allow the domain or schema admins access to anyone except for the actual domain admins. Here Telecommunications is a separately run group who manages IPT servers and the physical network. The Domain group manages AD and Microsoft servers.
We are able get this resolved by creating the DCDADMIN with appropriate rights.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: