CUPS: LDAP integration of multiple domains

Unanswered Question
May 22nd, 2008

Hi all,

within CUPS 6.0.2.1101-1 I set up multiple LDAP profiles for our users.

Unfortunately user1 with a search base of "DC=domain1,DC=com" cannot search for user2 with a being located in DC=domain2,DC=org".

Is there any suggestion to bypass this problem without restructuring our domain?

Thanks for any hint.

Thomas

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
irisrios Wed, 05/28/2008 - 08:12

For users spread across multiple domains, set the User Search Base to the lowest point in the tree containing all domains with users serviced by the Cisco CallManager cluster. In structures in which serviced child domains are under the top-level domain, the User Search Base must be set at the root of the entire AD forest. In all cases, though, try to ensure that a domain controller for each serviced domain is collocated with Cisco CallManager, or that the network is sufficiently resilient and fast to allow remote searches with no greater performance degradation than occurs with local searches.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/4x/42drctry.html

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a0080092566.shtml

Yorick Petey Thu, 10/01/2009 - 02:10

Hi Thomas,

We have in our environment 2 AD domains in the same forest. The issue you pointed on is the same: a LDAP profile of a user can only browse users using a single search base. So we cannot find or add users from both domains. They are isolated.

Did you find a solution for your issue?

Thank you for your feedback.

Best regards,

Yorick

thomas.bader Thu, 10/01/2009 - 02:33

Hi Yorick,

unfortunately I was not able to find a solution. If I find a solution I will post it here.

regards Thomas

htluo Thu, 10/01/2009 - 04:04

The solution is very simple:

On CUPS > Application > Cisco Unified Personal Communicator > LDAP Profile, set the search base to below:

Ou=xxx,dc=domain1#Ou=yyy,dc=domain2

Use '#' as separator. This works on CUPC 7.0.2 or above.

Michael

http://htluo.blogspot.com

Yorick Petey Thu, 10/01/2009 - 04:55

Thank you so much Michael!

You are a real CUP guru.

I just ordered your book ;).

BR,

Yorick

Actions

This Discussion