UCM 6.x Integration with Multiple Active Directory

Unanswered Question
Feb 17th, 2009

Hello. I am hoping that someone can help me with a the below question:

Is it possible to add three different AD entries under the LDAP Authentication page, having different LDAP user search base or is it that i can have Authentication to only one LDAP server?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
giftonabel Tue, 02/24/2009 - 10:02

One more thing to update, these 3 AD's are in three different Forests,

Is it still possible?

giftonabel Wed, 02/25/2009 - 03:03

Hi Justin,

I have gone through this link earlier, it actually mentions about the scenario of Single AD Forest with Multiple Trees under it, in my scenario it is Multiple Forests and each forest has there own tree and i need to have the LDAP authentication with all three forests.



Yorick Petey Thu, 02/26/2009 - 01:15

Indeed, it's not possible to authenticate when you have multiple forests, but it is if you have a single forest with multiple trees.

You have to use userPrincipalName instead of sAMAccountName in LDAP System configuration for UserID.


"As mentioned in the section on LDAP Synchronization, in order to support synchronization with an AD forest that has multiple trees, the UserPrincipalName (UPN) attribute must be used as the user ID within Unified CM. When the user ID is the UPN, the LDAP authentication configuration page within Unified CM Administration does not allow you to enter the LDAP Search Base field, but instead it displays the note, "LDAP user search base is formed using userid information." "

The only negative aspect is for Extension Mobility, UserID is more complicated to enter.



This Discussion