Removing AD Integration from CallManager

Unanswered Question
May 23rd, 2003
User Badges:

When we first installed our CM system, it seemed like a good idea to integrate it with AD... so we switched over from DCDirectory to AD.


Basically, the only advantages to this have been:


1) If we lost communication with the DC, users can't authenticate

2) If we want to set up a user, we have to do it from the CM admin page, then reset our passwords on the Win2K DC.


Of course, neither of these are advantages at all... Am I missing something good that this integration does for us?


Anyway, my query is this - I know it's possible to revert to DCDirectory, but is it possible to do it without losing user/password information? Or do we have to re-enter it all manually?


Thanks...


Aaron Harrison

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jasyoung Fri, 05/23/2003 - 08:20
User Badges:
  • Gold, 750 points or more

As you probably know, you revert to DC Directory by rerunning the Customer Directory Integration plugin and choosing to uninstall.


You will have to manually recreate all the users in DC Directory. You MAY be able to save some time using BAT (the Batch Administration Tool) to import users. You can formulate a CSV file to import and do it all at once. Furthermore, the Active Directory Users & Computers MMC is capable of exporting some user data to a CSV file. This won't get your passwords back, but with some massaging of the CSV file, you may be able to save yourself some typing if you have a lot of users.


You're not really intended to add and remove users from CallManager when integrated with Active Directory. The advantage to integrating with AD is that the company should already have AD accounts for all their users. The users are then given the benefits of one login name and one password to remember. The administrators get the benefit of managing the addition and removal of users, convenient modification of their directory attributes using several familiar tools, password expiration, one-stop removal of the user account if they leave the company, etc etc. The sum of it is you're not supposed to use AD as just another DC Directory; the premise is that the data is already there and you should integrate smoothly with it. If the data isn't already there, it is a waste of your time to use anything other than DC Directory.

Actions

This Discussion