Showing results for 
Search instead for 
Did you mean: 
Kevin Frazer

2 seperate UC clusters and disaster recovery


We are currently running a single UC cluster containing CUCM 8.x (pub/sub), UCCX HA 8.x, CUP 8.6.4, and CUC 8.5. The cluster is integrated with AD via LDAP for authentication/user consistancy purposes. We have recently been tasked with designing a disaster recovery scenario that would give us the ability to operate if we lost the above cluster. Deploying another subscriber will not work for us in this scenario. My thoughts are to obviously have 2 seperate clusters tied together with an ICT. Easy right? Ha!

Here is my challenge. Our CAD agents work out of one geographic location and it happens to be the same building the UC cluster resides in. They use active directory for CAD logins and extension mobility to hot desk. I realize with CUCM 8.x, we can take advatage of the EMCC feature which should cover extension mobility in the event we lost the primary cluster. The issue is with the LDAP integration. I do not believe you can integrate 2 seperate UC clusters with the same active directory forest (cannot find a definitive answer per SRND) so this defeats a dynamic failover scenario. In my mind, you would have to have 2 seperate active directory forests completely independent of each other or have one cluster that is not integrated with LDAP. I want to avoid that at all costs! I realize we could also have agents deployed at the other location but that does not solve the LDAP dependency and its just not an option for us at this time.

My initial thoughts were to deploy a cheaper type solution in the secondary site (UC500/CME/SMB) with no tie to AD and be completely independent of the primary cluster. This would only be for use by the folks in the call center and only applicable in a DR scenario. If we had a DR scenario, we would have the agents work from home via a VPN connection into the secondary site and fire up a softphone to take calls with (no CAD and I can get creative to mimic IVR type stuff). All of our 8XX numbers could be remote call forwarded to the secondary solution via PRI or SIP. Is there anyone out there with a simlar setup that can point me in the right direction?

James Hawkins


I cannot see why you would not be able to integrate two UC clusters with the same AD forest - the user provisioing into CUCM, CUC etc. is a one way sync. Authentication will pass requests to AD but that will not care what end system it is authenticating. Apologies if I have missed something but afaik this should not be an issue.

If you did try to maintain two separate clusters or systems you would have a big overhead in keeping them synced.

I would recommend examing every option for provisioning acceptable resilence on a single cluster. If you run it on UCS using a shared SAN then you can use some of the clever VMware features to provide enhanced resilience - see link below for more details.

If you really need two clusters then I would maintain the second as a mirror of the first in terms of versions, servers etc. and do DRS restores as part of the disaster recovery methodology.


Recognize Your Peers
Content for Community-Ad