Is there a way to grant a user the ability to synchronize LDAP without giving them full admin rights? This applies to both UCM and Unity Connection. When adding new users to the system we add them to Active Directory, and then create their phone & voice mailbox. After creating their AD account we synchronize LDAP in UCM and UC so the new accounts are visible to those systems. When I do it myself it's not a problem because I have full admin rights, but I'd like to delegate the permission to sync LDAP to our technical support staff who don't have full admin rights on the phone system. It's not realistic to expect them to wait for the next scheduled LDAP sync to occur.
Try using End User Roles to delegate administrative rights to the end users you want to promote to various administrative roles. I don't have access to a CUCM or UConn cluster at the moment to verify that LDAP Syncing is a task that can be delegated; however, use the guide linked below to guide you through the role administration process. Sorry I couldn't be of more help!
Unfortunately there is not enough granularity to allow users to 'Perform Full Sync Now' without also granting permission to make LDAP directory configuration changes. The closest thing you can do in a role is grant read/update on 'LDAP Directory Configuration Pages'.
Well dang. I don't feel like there's a ton of danger allowing access to that portion of CCMAdmin as long as they know the only button they're supposed to press on that screen is "Perform Full Sync Now"!
I have this problem too. The LDAP Directory Configuration Pages option works perfectly for the Call Manager LDAP sync, but that setting doesn't transfer over to Unity. And the Unity roles don't allow you to copy and reconfigure them like Call Manager does. So right now its either give them the technician role or no LDAP sync
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...