Cisco Unified Communications Manager LDAP Integration Question

We use CUCM 7.1 and have been integrated to AD via LDAP Sync for years. The LDAP User Search Base is specific - like this..

OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL

The Sys admins started migrating over some users to another OU in order to accommodate migration to Exchange 2013. Let's call it..

OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL

The problem is that on the CIsco phone (7945G) - if I press Corporate Directory I can no longer find anyone in the EX13USERS OU 0- only those still in OU USERS.

If I tried to sync from a point higher in the tree say  OU=ACME, DC=COYOTE, DC=LOCAL - would that succeed in importing all users from all OU's below it? Or any way to sync from two or more separate specific OU's e.g.
OU=EX13USERS, OU=ACME, DC=COYOTE, DC=LOCAL  ..AND.. OU=USERS, OU=ACME, DC=COYOTE, DC=LOCAL

Thank you.
LVL 1
amigan_99Network EngineerAsked:
Who is Participating?
 
José MéndezConnect With a Mentor Commented:
Yes you can create 2 different LDAP directories and point each one to a different OU, although if you point directly to  OU=ACME, DC=COYOTE, DC=LOCAL (which contains EX13USERS and USERS) then Callmanager will search within the OUs inside ACME and sync those accounts.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/8x/uc8x/directry.html#wp1045381

This is not desirable if there are other OUs within ACME that do not contain telephony users. If this is the case, 2 different LDAP directories in Callmanager pointing to different OUs is the preferred method.
0
 
amigan_99Network EngineerAuthor Commented:
Excellent news. Thank you again!
0
 
amigan_99Network EngineerAuthor Commented:
Say a a follow-on if I may..

If I create another LDAP Directory (System/LDAP/LDAP Dir) for syncing - should I also create another
LDAP Authentication (System/LDAP/LDAP Authentication) instance as well? The current LDAP Auth specifies the same LDAP User Search Base as the LDAP Directory entry.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
José MéndezCommented:
You can only have 1 LDAP authentication agreement, that one should point to a DC that knows how to authenticate any user/password passed to Callmanager. In your case, point it to the upper OU that contains the affected inner OUs.
0
 
amigan_99Network EngineerAuthor Commented:
Cool - thanks again.
0
 
José MéndezCommented:
Welcome mate
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.