09-17-2009 04:56 AM - edited 03-18-2019 11:42 PM
We are running Cisco CallManager 6.1.1.3101-1. We have a lot of AD accounts that are not employees and do not have phones associated with them. We would like to hide these from the Corporate Directory.
I have updated all the those accounts by entering CiscoPrivateUser in the description field. I also tried the ldif file, although I suspect that's doing the same thing. Neither worked.
One solution I saw was to move those accounts to a separate OU and not sync, but we'd rather not to that if it can be helped.
Is there any other way to do this?
Solved! Go to Solution.
09-17-2009 05:04 AM
Hi Rick,
Maybe you could try the methods that are listed here, with excellent tips from Liz, James and Nigel;
6.x and later;
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified Communications and Video&topic=IP Phone Services for End Users&topicID=.ee6c82d&fromOutline=&CommCmd=MB?cmd=display_location&location=.2cbf8837
Hope this helps!
Rob
Edit: Sorry this didn't paste properly, please just copy/paste in browser :)
09-17-2009 05:06 AM
The CiscoPrivateUser tag no longer works in CUCM 6.x. One option is to use a character that is not LDAP compliant, such as ~, in front of the first/last name in AD.
Hope this helps.
Brandon
09-17-2009 05:04 AM
Hi Rick,
Maybe you could try the methods that are listed here, with excellent tips from Liz, James and Nigel;
6.x and later;
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified Communications and Video&topic=IP Phone Services for End Users&topicID=.ee6c82d&fromOutline=&CommCmd=MB?cmd=display_location&location=.2cbf8837
Hope this helps!
Rob
Edit: Sorry this didn't paste properly, please just copy/paste in browser :)
09-17-2009 05:59 AM
Thanks, the tilde method worked great.
09-17-2009 07:02 AM
Correction, the Tilde method is probably sufficient, but it does not hide them. It puts them at the end of the list so alphabetically it comes after Z.
It would be nice to hide them all together.
09-17-2009 07:31 AM
A method that hides users:
1. Create an AD account specifically to use for the CUCM integration.
2. In AD, grant this account access to your domain.
3. In AD put an explicit Deny on each user account (or OU) that you do not want imported to CUCM.
Hope this helps.
Brandon
09-17-2009 05:06 AM
The CiscoPrivateUser tag no longer works in CUCM 6.x. One option is to use a character that is not LDAP compliant, such as ~, in front of the first/last name in AD.
Hope this helps.
Brandon
10-02-2009 02:34 PM
I know this is a little late to the party. Clearing the last name field in AD will keep the LDAP from syncing that account. If you do that & do a sync the account will list as "inactive". It has to be inactive for at least 24 when garbage collection runs for it do be permanently removed from the CUCM directory.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide