cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
216
Views
0
Helpful
2
Replies

LDAP User Error

fultont
Level 1
Level 1

The account used for CCM LDAP to AD integration has been deleted since

the user is no longer employed. Our security will not allow the new account "DCD ADMIN" to

have domain admin access, but they have granted the appropriate rights to make things work

- they say. When I run the LDAP integation tool, I'm receiving the error "Please ensure

that the registry entry for SCHEMA UPDATE ALLOWED is set to 1". This setting is set

correctly.

Since the original LDAP account has been deleted, I can no longer associate users to

devices.

2 Replies 2

wong34539
Level 6
Level 6

- Set up a new account specifically for the CallManager.

- Make this a member of builtin\Administrators and Schema Admins.

- Re-run the Directory Configuration plugin.

Creating the Schema Update Allowed Registry for AD 2003:

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_installation_and_configuration_guide09186a00802e066d.html#wp83174

Unfortunately, our corporate policy does not allow the domain or schema admins access to anyone except for the actual domain admins. Here Telecommunications is a separately run group who manages IPT servers and the physical network. The Domain group manages AD and Microsoft servers.

We are able get this resolved by creating the DCDADMIN with appropriate rights.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: