I have a customer with a wordwide 2003 exchange/AD environment and strict rules on what applications/users, etc get what permissions at what level... I'm attempting to install Unity 7.0(2) but have hit problems with running the Permissions Wizard and getting the correct permissions/rights granted.
We've been playing question/answer tennis over the Unity Permissions Wizard and the permissions in general, and the customer has asked me the following question:
"...why unity needs access to the global delected objects."
I answered, "It's a hidden container that's used to get triggers when you delete an object in AD - this is used so Unity knows when you delete an AD account and it can use that trigger to then remove their subscriber properties in our SQL database, thus preventing "stranded" subscribers in the DB"
Now they have asked:
It is not clear why the installation needs this level of permissions on the deleted items container in the <company> Global domain.
I can understand it is needed in the Denmark (local) domain, but not in the <company> Global domain
I found this in an old engineering document and think it sheds a bit more light as to why the permission is set by Permissions Wizard:
"The AvDsAd.EXE and AvDsGlobalCatalog.EXE service require the ability to poll for USNChanged and IsDeleted attributes in Active Directory. This polling process is used to synchronize the Unity database with Active Directory. Tracking deleted objects is necessary to allow Unity to maintain an accurate subscriber database.
These services search specific attributes for each of the above objects. Unity tracks User, Group, Contact and the Unity location objects in Active Directory for deletion. It does this by filtering for USNChanged, IsDeleted and a Unity attribute; CiscoECSBUObjectType. Unity won’t search for non-Unity subscribers, groups or contacts, but it will check these objects to see if they are Unity objects. "
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...