Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AD Change - LDAP Impact?

UCM 5.1(3) with LDAP integration configured. We're moving object within the AD to a new OU.

example

DC=MAIN, DC=ABCCORP, DC=COM

old: OU=STAFF,

new: OU=USA, OU=USERS, OU=STAFF

What behavior should be expect when we create the new LDAP User Search Base and move the accounts? The next time the LDAP is synced will is purge the directory and reimport the accounts, or recognize they are the same account and leave them as they are?

Thanks in advance,

Brian

4 REPLIES
Cisco Employee

Re: AD Change - LDAP Impact?

CUCM uses the attribute you set as primary to sync the accounts so if you do not change any of those, user info won't be purged and will be kept

HTH

javalenc

if this helps, please rate

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
New Member

Re: AD Change - LDAP Impact?

Where is this "primary" attribute you're referring to?

I do not see any reference in the LDAP options in UCM.

Thanks in advance,

Brian

Cisco Employee

Re: AD Change - LDAP Impact?

when you configure the LDAP you configure this:

LDAP Attribute for User ID

that is the one DirSync compares to know if the user is still active or should be deleted.

HTH

javalenc

if this helps, please rate

HTH

java

if this helps, please rate

www.cisco.com/go/pdi
New Member

Re: AD Change - LDAP Impact?

I'm trying to do something similar and I just wanna confirm...

We have our LDAP pointed to the global level and we have a lot of extra Admin users etc in our corp directory...so we moved all phone users to a sub-directory under the global directory in ADS.

Can I add the new directory and remove the old global entry and will the phone users in the sub-directory not get removed and their phone associations and user group settings remain. (they have the same User ID attribute as sAMAccountName)

We have our AD directory set to

OU=Users,DC=adsgroup,DC=com

instead we want to use

OU=phoneusers,OU=Users,DC=adsgroup,DC=com

thanks in adv,

:JoeL

179
Views
0
Helpful
4
Replies