CUCM 7.x LDAP Integration change

David.Pellat · ‎04-30-2012

Hi,

We currently have a setup where by we sync with a Sun ONE LDAP Server. We are moving to a Microsoft AD environment. We will need to change our sync from CUCM to point at the new AD server. I have not been able to find and officail documentation on changing this, resynching and ensuring that no user accounts are lost. My plan was:

Check for any current inactive User accounts and note them
Change the LDAP server type
Change the LDAP authentication to pint at the new server
Adjust and of the Directory entries to search in the new search base.
Perform a sync
Check for any current inactive User accounts and note them and compare against step 1
Fix any individual issues and compete the process.

My Questions are around the following:

If we sync and there are mistakes in uid fields will they import or over write fields?

If we have major issues can we roll back to the original server with the original configurations withought any problems?

How long do we have to roll back?

Thanks

David

Chris Deren · ‎05-01-2012

David,

Unfortunately you cannot just change the integration type, you will need to delete it first and re-created it. As long as you do this before the next synch process and then garbage cleanup and usernames are the same you will be all good.

If usernames no longer match those users will be marked INACTIVE and later purged out.

You will need to roll back before the cycle or your only other alternative will be to restore full config from backup.

HTH,

Chris