CCM 7.0.2 - LDAP can't work on dafault OU ( ou=Users )

Answered Question
Sep 11th, 2009

Hi, I have CCM 7.0.2 with AD 2008.

CCM can'T get users for default OU created by AD. I have to create other OU to fix that. Is there anything I can change in AD to let the user on ccm getting the info on ou=Users.


I have this problem too.
0 votes
Correct Answer by htluo about 7 years 3 months ago

The default is NOT "ou=Users". The default is "cn=Users" (cn stands for "container" here).


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jaime Valencia Fri, 09/11/2009 - 06:22

Have you confirmed the user you used for the integration has read rights over the OUs you want to sync??



if this helps, please rate

Randall White Fri, 09/11/2009 - 09:31

I might be mistaken, but I believe that all AD accounts have LDAP read permissions by default.

1. Can you see any User accounts that you know came from AD (not pre-existing accounts)?

2. If yes, try restarting the DirSync service on the Publisher.

3. If none show up, recheck the LDAP config on the Publisher. Does it save with no error messages? Is the LDAP User Search Base correct?

I've built a half-dozen UCM clusters that were synced and authenticated with AD. I have yet to figure out a way to filter users via AD permissions. If anyone know how to do this (AD 2003), please let me know.

I usually wind up syncing to the root domain and editing the LDAP filter string in CallManager to restrict which user account show up in CallManager.



This Discussion