cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

LDAP Custom Filter -CUCM 8.x

21352
Views
5
Helpful
0
Comments

Problem

How to configure an LDAP filter that only imports users with  IP Phones. That is you just want to sync with users that have 
extension at IP Phone field at LDAP.  
When you setup the LDAP connector, the end user director populates all users, not just those with the IP Phones field populated.
Solution

 In Cisco Unified Communications Manager Administration, use the System > LDAP > LDAP Custom Filter 

menu path to configure LDAP filters. In the LDAP Filter Configuration window, you specify information about the LDAP filter.

LDAP Custom Filter Settings

Filter Name: Enter a name for the LDAP filter. The name can contain a
maximum of 64 UTF-8 characters.

Filter: Enter a filter. The filter can contain a maximum of 1024 UTF-8
characters. Enclose the filter text within parentheses ().

The LDAP filter filters the results of LDAP searches. LDAP users that match
the filter get imported into the Cisco Unified Communications Manager
database, while LDAP users that do not match the filter do not get imported.

The filter text that you enter must comply with the regular LDAP search
filter standards specified in RFC 4515. It is recommended that you verify
the LDAP search filter against the LDAP directory/searchbase by using the
ldapsearch command.
filter.jpg
Now you need to apply LDAP filters to LDAP directories

LDAP Directory Configuration

LDAP Custom Filter
Select an LDAP custom filter from the drop-down list. The LDAP filter filters the results of LDAP searches.
LDAP users that match the filter get
imported into the Cisco Unified Communications Manager database, but LDAP
users that do not match the filter do not get imported. customfilter.jpg

The search filters use the following formats:

*********************************************

<filter>=(<attribute><operator><value>)

or

(<operator><filter1><filter2>)

*********************************************
For example to get all users with an email attribute:
you need to Set up LDAP custom filter as (&(objectClass=user)(email=*))
and if its telephonenumber or ipPhone you need to change the email attribute with telephonenumber attribute
like
(&(objectclass=user)(telephonenumber=*))
Refer this url : https://supportforums.cisco.com/thread/2169692?tstart=0#3727518

to find how to filter disabled users from Active Directory

Related Information

CreatePlease to create content