amigan_99
asked on
Cisco Unified Communications Manager LDAP Integration Question
We use CUCM 7.1 and have been integrated to AD via LDAP Sync for years. The LDAP User Search Base is specific - like this..
OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The Sys admins started migrating over some users to another OU in order to accommodate migration to Exchange 2013. Let's call it..
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The problem is that on the CIsco phone (7945G) - if I press Corporate Directory I can no longer find anyone in the EX13USERS OU 0- only those still in OU USERS.
If I tried to sync from a point higher in the tree say OU=ACME, DC=COYOTE, DC=LOCAL - would that succeed in importing all users from all OU's below it? Or any way to sync from two or more separate specific OU's e.g.
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL ..AND.. OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
Thank you.
OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The Sys admins started migrating over some users to another OU in order to accommodate migration to Exchange 2013. Let's call it..
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL
The problem is that on the CIsco phone (7945G) - if I press Corporate Directory I can no longer find anyone in the EX13USERS OU 0- only those still in OU USERS.
If I tried to sync from a point higher in the tree say OU=ACME, DC=COYOTE, DC=LOCAL - would that succeed in importing all users from all OU's below it? Or any way to sync from two or more separate specific OU's e.g.
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL ..AND.. OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Say a a follow-on if I may..
If I create another LDAP Directory (System/LDAP/LDAP Dir) for syncing - should I also create another
LDAP Authentication (System/LDAP/LDAP Authentication) instance as well? The current LDAP Auth specifies the same LDAP User Search Base as the LDAP Directory entry.
If I create another LDAP Directory (System/LDAP/LDAP Dir) for syncing - should I also create another
LDAP Authentication (System/LDAP/LDAP Authentication) instance as well? The current LDAP Auth specifies the same LDAP User Search Base as the LDAP Directory entry.
You can only have 1 LDAP authentication agreement, that one should point to a DC that knows how to authenticate any user/password passed to Callmanager. In your case, point it to the upper OU that contains the affected inner OUs.
ASKER
Cool - thanks again.
Welcome mate
ASKER