CUCM User Modification.

Unanswered Question
Aug 17th, 2010

I integrated CUCM 6.0 with an Active Directory. This same active directory was also integrated with Alcatel 4400. After syncronization, I have a need to delet all the users in the cucm so that i will do a fresh syncronization.

The challange I have is that i cannot delet the users any longer. Can anyone help me on haow this can be done?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jaime Valencia Tue, 08/17/2010 - 11:10

That's expected.

Addition or deletion of users is totally up to AD and the sync process.

Synchronization Mechanism

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/directry.html#wp1045229

1. If end-user accounts already  exist in the Unified CM database and a synchronization agreement is  configured, all pre-existing accounts are marked inactive in Unified CM.  The configuration of the synchronization agreement specifies a mapping  of an LDAP database attribute to the Unified CM UserID. During the  synchronization, accounts from the LDAP database that match an existing  Unified CM account cause that Unified CM account to be marked active  again.

2. After the synchronization is  completed, any accounts that were not set to active are permanently  deleted from Unified CM when the garbage collection process runs.  Garbage collection is a process that runs automatically at the fixed  time of 3:15 AM, and it is not configurable. The deletion of Unified CM  accounts that do not match LDAP directory accounts is necessary because  Unified CM cannot manage accounts while synchronization is configured.

3. Subsequently when changes are  made in the corporate directory, the synchronization from Microsoft  Active Directory occurs as a full re-synchronization at the next  scheduled synchronization period. On the other hand, the iPlanet and  Sun ONE directory products perform an incremental synchronization  triggered by a change in the directory. The following sections present  examples of each of these two scenarios.

More info and examples of how this works in the link


HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

brendand05 Tue, 08/17/2010 - 23:32

You can disable AD sync

Delete all users

Enable AD sync

----------------

Please rate helpful posts and mark as answered

christianojum Thu, 08/19/2010 - 11:08

Team,

Thanks for the response. I'm sorry for getting back to you late. I was actually chocked up with other things. Your contribution actually helped me in one way or the other. What i eventualy did was to delete the entire LDAP configuration before i could delete the end users.

But I still have a challange of the callmanager not syncronizing all the users in the AD even when the correct attributes are defined and the LDAP user search base pointed correctly. Please help.

Regards.

Actions

This Discussion