Cisco Unified Communications Manager LDAP Integration Question
We use CUCM 7.1 and have been integrated to AD via LDAP Sync for years. The LDAP User Search Base is specific - like this..
OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The Sys admins started migrating over some users to another OU in order to accommodate migration to Exchange 2013. Let's call it..
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The problem is that on the CIsco phone (7945G) - if I press Corporate Directory I can no longer find anyone in the EX13USERS OU 0- only those still in OU USERS.
If I tried to sync from a point higher in the tree say OU=ACME, DC=COYOTE, DC=LOCAL - would that succeed in importing all users from all OU's below it? Or any way to sync from two or more separate specific OU's e.g.
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL ..AND.. OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
Thank you.
OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The Sys admins started migrating over some users to another OU in order to accommodate migration to Exchange 2013. Let's call it..
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The problem is that on the CIsco phone (7945G) - if I press Corporate Directory I can no longer find anyone in the EX13USERS OU 0- only those still in OU USERS.
If I tried to sync from a point higher in the tree say OU=ACME, DC=COYOTE, DC=LOCAL - would that succeed in importing all users from all OU's below it? Or any way to sync from two or more separate specific OU's e.g.
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL ..AND.. OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Say a a follow-on if I may..
If I create another LDAP Directory (System/LDAP/LDAP Dir) for syncing - should I also create another
LDAP Authentication (System/LDAP/LDAP Authentication) instance as well? The current LDAP Auth specifies the same LDAP User Search Base as the LDAP Directory entry.
If I create another LDAP Directory (System/LDAP/LDAP Dir) for syncing - should I also create another
LDAP Authentication (System/LDAP/LDAP Authentication) instance as well? The current LDAP Auth specifies the same LDAP User Search Base as the LDAP Directory entry.
You can only have 1 LDAP authentication agreement, that one should point to a DC that knows how to authenticate any user/password passed to Callmanager. In your case, point it to the upper OU that contains the affected inner OUs.
ASKER
Cool - thanks again.
Welcome mate
ASKER