Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
759
Views
0
Helpful
6
Replies

Hiding AD Users from Corporate Directory

Go to solution
Elwood472
Level 1
Level 1

‎09-17-2009 04:56 AM - edited ‎03-18-2019 11:42 PM

We are running Cisco CallManager 6.1.1.3101-1. We have a lot of AD accounts that are not employees and do not have phones associated with them. We would like to hide these from the Corporate Directory.

I have updated all the those accounts by entering CiscoPrivateUser in the description field. I also tried the ldif file, although I suspect that's doing the same thing. Neither worked.

One solution I saw was to move those accounts to a separate OU and not sync, but we'd rather not to that if it can be helped.

Is there any other way to do this?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-17-2009 05:04 AM

Hi Rick,

Maybe you could try the methods that are listed here, with excellent tips from Liz, James and Nigel;

6.x and later;

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified Communications and Video&topic=IP Phone Services for End Users&topicID=.ee6c82d&fromOutline=&CommCmd=MB?cmd=display_location&location=.2cbf8837

Hope this helps!

Rob

Edit: Sorry this didn't paste properly, please just copy/paste in browser :)

View solution in original post

0 Helpful

Go to solution
Brandon Buffin
VIP Alumni
VIP Alumni

‎09-17-2009 05:06 AM

The CiscoPrivateUser tag no longer works in CUCM 6.x. One option is to use a character that is not LDAP compliant, such as ~, in front of the first/last name in AD.

Hope this helps.

Brandon

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-17-2009 05:04 AM

Hi Rick,

Maybe you could try the methods that are listed here, with excellent tips from Liz, James and Nigel;

6.x and later;

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified Communications and Video&topic=IP Phone Services for End Users&topicID=.ee6c82d&fromOutline=&CommCmd=MB?cmd=display_location&location=.2cbf8837

Hope this helps!

Rob

Edit: Sorry this didn't paste properly, please just copy/paste in browser :)

0 Helpful

Go to solution
Elwood472
Level 1
Level 1
In response to Rob Huffman

‎09-17-2009 05:59 AM

Thanks, the tilde method worked great.

0 Helpful

Go to solution
Elwood472
Level 1
Level 1
In response to Elwood472

‎09-17-2009 07:02 AM

Correction, the Tilde method is probably sufficient, but it does not hide them. It puts them at the end of the list so alphabetically it comes after Z.

It would be nice to hide them all together.

0 Helpful

Go to solution
Brandon Buffin
VIP Alumni
VIP Alumni
In response to Elwood472

‎09-17-2009 07:31 AM

A method that hides users:

1. Create an AD account specifically to use for the CUCM integration.

2. In AD, grant this account access to your domain.

3. In AD put an explicit Deny on each user account (or OU) that you do not want imported to CUCM.

Hope this helps.

Brandon

0 Helpful

Go to solution
Brandon Buffin
VIP Alumni
VIP Alumni

‎09-17-2009 05:06 AM

The CiscoPrivateUser tag no longer works in CUCM 6.x. One option is to use a character that is not LDAP compliant, such as ~, in front of the first/last name in AD.

Hope this helps.

Brandon

0 Helpful

Go to solution
madmartigan
Level 1
Level 1

‎10-02-2009 02:34 PM

I know this is a little late to the party. Clearing the last name field in AD will keep the LDAP from syncing that account. If you do that & do a sync the account will list as "inactive". It has to be inactive for at least 24 when garbage collection runs for it do be permanently removed from the CUCM directory.

0 Helpful
Customers Also Viewed These Support Documents