Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
312
Views
0
Helpful
2
Replies

How to Ahutenticate CUCM 6.1 with 2 LDAP

Go to solution
cegonzalez
Level 1
Level 1

‎01-16-2009 01:16 AM - edited ‎03-15-2019 05:06 AM

Hi: We have CUCM6.1 with LDAP Ahutentication and we are migrating ourdomain, and at present time have end users on both, does someone now how to make CUCM to chek both servers on diferent domains? I have revised several PDF but they say it have to be on a global domain is that the only solution?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎01-16-2009 08:10 AM

Are the domains in the same forest?

Do the domains have the same DNS hierarchy (ie. a.domain.local and b.domain.local); or are they, non-contiguous (a.domain.local. and b.fubar.local)?

As long as they are in the same forest you can still authenticate against both domains.

If the DNS heirarchy is not consistent, you'll need to use userPrincipalName as the User ID attribute instead of sAMAccountName. This changes usernames from jdoe to jdoe@a.domain.local. Because the username will now be unique across the different domains, the global catalog servers will know which account UCM is asking to bind with.

This is discussed further in the UCM SRND: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/directry.html

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jonathan Schulenberg
Hall of Fame
Hall of Fame

‎01-16-2009 08:10 AM

Are the domains in the same forest?

Do the domains have the same DNS hierarchy (ie. a.domain.local and b.domain.local); or are they, non-contiguous (a.domain.local. and b.fubar.local)?

As long as they are in the same forest you can still authenticate against both domains.

If the DNS heirarchy is not consistent, you'll need to use userPrincipalName as the User ID attribute instead of sAMAccountName. This changes usernames from jdoe to jdoe@a.domain.local. Because the username will now be unique across the different domains, the global catalog servers will know which account UCM is asking to bind with.

This is discussed further in the UCM SRND: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/directry.html

0 Helpful

Go to solution
cegonzalez
Level 1
Level 1

‎03-26-2009 12:44 PM

Thanks for the answer, Yes they were, and we finally did it puting the ahutentication on a server of higer level who could see both domains

Tks.

0 Helpful
Customers Also Viewed These Support Documents