Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

LDAP Integration with AD

Hi

I have a test CUCM 6.1 and Microsoft AD set up on VMWare.

I  have taken a back up of our live CM and installed this into the test  database as well as taken a live back up of our AD and installed this on  the test Server.

CM currently has 2039 users and AD has over 4000 users. I want to integrate AD with CM. I have created an account in AD with Domain Admin rights. When I perform the sysnc all the 2039 users are there and are active, However the users in AD did not create in CM and the users I have in CM that I do not have in AD have also been synced.

Any assistance is appreciated.

Regards

9 REPLIES
Hall of Fame Super Silver

LDAP Integration with AD

Are all the users in the container (i.e. OU) you are using as Search Base?  Did you start Dirsync service?

Chris

New Member

LDAP Integration with AD

Hi Chris

Thnak for the reply. All the users are in the same OU.

The DirSync service boxed is ticked.

Regards

Jay

Hall of Fame Super Silver

LDAP Integration with AD

Are you sure all 4000 users are defined as users and not other accounts?

Chris

Super Bronze

LDAP Integration with AD

Hi Jayesh

Maybe post up some more screen grabs - your sync config from CUCM showing search base, and the OU structure in AD Users & Computers showing the location of the user accounts...

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!

LDAP Integration with AD

You dindnt define an ldap filter in cucm, that prevents the other 1900 users from

Being populated into cucm by any chance?

Please remember to rate useful posts, by clicking on the stars below.

New Member

LDAP Integration with AD

Hi

Thanks for the reply minkdennis.

Under system, LDAP, I have LDAP System, LDAP Directory and LDAP Authentication options avilable. I don't have LDAP filter.

Is there anyway I can access this

Thanks

Regards

Jay

Hall of Fame Super Silver

LDAP Integration with AD

Access what?

LDAP filter was not available in your version via GUI, if I recall correctly it was only definable via CLI. So, if you did not define it there is no filter.

Chris

New Member

LDAP Integration with AD

Super Bronze

LDAP Integration with AD

Hi Jayesh

Firstly  - the default LDAP filter for AD is : (&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))

So custom LDAP filters replace this, and you should use this as a basis, e.g. to filter out users that have no first name: (&(&(objectclass=user)(givenName=*))(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))

In your case, I think you have your agreement set up wrong. Your domain DN is :

dc=netlincs,dc=gov,dc=uk

f you wanted to just search the Netlincs/Netlincs User OU, your search base should be:

ou=netlincs users,ou=netlincs,dc=netlincs,dc=gov,dc=uk

Some contains (e.g. users or builtin) are 'special', so would be containers rather than OUs:

cn=users,dc=netlincs,dc=gov,dc=uk

Geddit?

Aaron Harrison

Principal Engineer at Logicalis UK

Please rate helpful posts...

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
818
Views
0
Helpful
9
Replies