Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1406
Views
0
Helpful
11
Replies

AD and CUCM synchronization issues

Go to solution
yamikani2g2
Level 1
Level 1

‎01-22-2019 02:10 AM - edited ‎03-17-2019 01:59 PM

Dear experts 

 

I don't seem to be synchronizing Active Directory with CUCM users could i have some assistance any pointers

 

I will appreciate thanks in advance.

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maren Mahoney
VIP
VIP
In response to yamikani2g2

‎01-22-2019 07:08 AM

This error means that either:

  • The account you are using in CUCM for access to LDAP is in the wrong format. The format can either be account@domain.com or distinguished name format. If you need help figuring out the distinguished name format, contact your Microsoft administrators as they should know.
  • The password for the account you are using in CUCM to access LDAP is not entered correctly in CUCM, or the account is locked in AD
  • The account you are using in CUCM for access to LDAP does not have (at a minimum) read-only access to the LDAP database for the domain, container or OU that is your User Search Base.

If you are able, try using an AD administrative account (like the domain admin account) to see if entering that account information in CUCM successfully saves. If so, then one of the above is the problem. If that does not fix your problem, let us know and we can look further.

 

Maren

View solution in original post

0 Helpful
11 Replies 11

Go to solution
Ratheesh Kumar
VIP Alumni
VIP Alumni

‎01-22-2019 02:17 AM

Hi there

 

Could you elaborate more on the issue and share your configuration. Does this mean non of the users are getting synced with CUCM

 

First hand, please go thru this document and verify all the configurations are in place 

 

http://www.uccollaborationgeek.com/cucm-ldap-integration/

 

Also share your Dirsync logs if the issue persists 

 

Hope this helps

Cheers

Rath!

 

***Please rate helpful posts***

0 Helpful

Go to solution
yamikani2g2
Level 1
Level 1
In response to Ratheesh Kumar

‎01-22-2019 04:00 AM

Some useful resource you sent here i followed the document item by item and this is what i got when i tried to synch it.

 

I got this error.

 

Login Failure to Host ldap://1X2.1X.2XX.10:389, Please Re-Enter LDAP Manager Distinguished Name and Password

 

Should I reset the AD password on the windows side?

 

 

 

0 Helpful

Go to solution
George Sotiropoulos
Cisco Employee
Cisco Employee
In response to yamikani2g2

‎01-22-2019 04:02 AM

Please make sure that you enter the correct AD password on the CUCM side. I strongly suggest to contact your AD Administrator prior of resetting any password.

 

George

Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
0 Helpful

Go to solution
Maren Mahoney
VIP
VIP
In response to yamikani2g2

‎01-22-2019 07:08 AM

This error means that either:

  • The account you are using in CUCM for access to LDAP is in the wrong format. The format can either be account@domain.com or distinguished name format. If you need help figuring out the distinguished name format, contact your Microsoft administrators as they should know.
  • The password for the account you are using in CUCM to access LDAP is not entered correctly in CUCM, or the account is locked in AD
  • The account you are using in CUCM for access to LDAP does not have (at a minimum) read-only access to the LDAP database for the domain, container or OU that is your User Search Base.

If you are able, try using an AD administrative account (like the domain admin account) to see if entering that account information in CUCM successfully saves. If so, then one of the above is the problem. If that does not fix your problem, let us know and we can look further.

 

Maren

0 Helpful

Go to solution
George Sotiropoulos
Cisco Employee
Cisco Employee

‎01-22-2019 03:33 AM

Hello,

 

Please can you be a bit more specific on which is the exact problem on your AD synchonization?

 

Below you will find the guidelines of AD integration with CUCM

 

https://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-version-80/111979-ucm-multi-forest-00.html#anc19

 

Let us know,

George

Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
0 Helpful

Go to solution
yamikani2g2
Level 1
Level 1
In response to George Sotiropoulos

‎01-22-2019 04:03 AM

Mr George this is some comprehensive document you sent...

I am going through it although am running  win 2008 

as above i am getting this error

 

Login Failure to Host ldap://1x2.1x.20x.1x:389, Please Re-Enter LDAP Manager Distinguished Name and Password

 

thanks

 

 

0 Helpful

Go to solution
George Sotiropoulos
Cisco Employee
Cisco Employee
In response to yamikani2g2

‎01-22-2019 04:09 AM

Have you delegated this account to have "Read All Attributes"  Authority Access for this certaion OU?

 

George

Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
0 Helpful

Go to solution
yamikani2g2
Level 1
Level 1
In response to George Sotiropoulos

‎01-23-2019 02:08 AM

Okay the synchronization was working before till AD started having issues i changed the Windows Admin password to something else. I put the same new password on CUCM and did a synchronization. Below is what i get when i do " perform full synch"..

 

Status: Ready

 

How do i know that AD and CUCM are now in synch.

 

 

 

 

 

0 Helpful

Go to solution
George Sotiropoulos
Cisco Employee
Cisco Employee
In response to yamikani2g2

‎01-23-2019 02:42 AM

You can use RTMT - System - Syslog Viewer and check the Cisco DirSync messages.

 

Hope this helps.

Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
0 Helpful

Go to solution
yamikani2g2
Level 1
Level 1

‎01-23-2019 05:55 AM

Maren, Ratish and George I used all the data you gave me i have resolved the issue. 

I matched the password on CUCM and AD. I created the users on AD and did a manual Sync. 

 

Thanks for the quick help. 

0 Helpful

Go to solution
George Sotiropoulos
Cisco Employee
Cisco Employee
In response to yamikani2g2

‎01-23-2019 07:57 AM

Glad to hear that you worked it out!

 

George

Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies
0 Helpful
Customers Also Viewed These Support Documents