08-17-2010 11:01 AM - edited 03-16-2019 12:17 AM
I integrated CUCM 6.0 with an Active Directory. This same active directory was also integrated with Alcatel 4400. After syncronization, I have a need to delet all the users in the cucm so that i will do a fresh syncronization.
The challange I have is that i cannot delet the users any longer. Can anyone help me on haow this can be done?
08-17-2010 11:10 AM
That's expected.
Addition or deletion of users is totally up to AD and the sync process.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/directry.html#wp1045229
1. If end-user accounts already exist in the Unified CM database and a synchronization agreement is configured, all pre-existing accounts are marked inactive in Unified CM. The configuration of the synchronization agreement specifies a mapping of an LDAP database attribute to the Unified CM UserID. During the synchronization, accounts from the LDAP database that match an existing Unified CM account cause that Unified CM account to be marked active again.
2. After the synchronization is completed, any accounts that were not set to active are permanently deleted from Unified CM when the garbage collection process runs. Garbage collection is a process that runs automatically at the fixed time of 3:15 AM, and it is not configurable. The deletion of Unified CM accounts that do not match LDAP directory accounts is necessary because Unified CM cannot manage accounts while synchronization is configured.
3. Subsequently when changes are made in the corporate directory, the synchronization from Microsoft Active Directory occurs as a full re-synchronization at the next scheduled synchronization period. On the other hand, the iPlanet and Sun ONE directory products perform an incremental synchronization triggered by a change in the directory. The following sections present examples of each of these two scenarios.
More info and examples of how this works in the link
HTH
java
If this helps, please rate
www.cisco.com/go/pdihelpdesk
08-17-2010 11:32 PM
You can disable AD sync
Delete all users
Enable AD sync
----------------
Please rate helpful posts and mark as answered
08-19-2010 11:08 AM
Team,
Thanks for the response. I'm sorry for getting back to you late. I was actually chocked up with other things. Your contribution actually helped me in one way or the other. What i eventualy did was to delete the entire LDAP configuration before i could delete the end users.
But I still have a challange of the callmanager not syncronizing all the users in the AD even when the correct attributes are defined and the LDAP user search base pointed correctly. Please help.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide