Showing results for 
Search instead for 
Did you mean: 

Changing LDAP in CUCM 7.x/8.x on active production cluster

Level 1
Level 1


If an existing cluster is integrated with an existing LDAP directory and that directory becomes unavailable for a prolonged amount of time (time exceeding when the accounts are both deactivated and fully removed), what will ultimately happen to functions that CUCM provides that used that authentication/directory source to be enabled?

e.g. 100 users are logged in with Extension Mobility and do not logout under normal circumstances.


2 Replies 2

James Hawkins
Level 8
Level 8

Extension Mobility is authenticated by PIN rather than password so that will continue fine.

Access to things that use password authentication (if this is configured on CUCM) will fail - this would include ccmuser access, UCCX login etc.

The user accounts would stay - they would not be deleted.

If your LDAP failed I think you could disable LDAP authentication and just set local passwords on CUCM which should be an ok workaround - I have never done this but cannot see why it would be a problem.

Also with CUCM 9 you can convert LDAP synced users into local users.

If it goes up to the point you ask:

(time exceeding when the accounts are both deactivated and fully  removed)

I DO see a problem here.

The PIN is indeed local to CUCM, but that would only work for the time between when the user is deactivated and garbage disposal mechanism removes it from the DB. (SRND 9 explains this if anyone is interested)

Once the user is gone, so is the PIN, so is any user/device/line/UDP/remote destination/etc association.

Only application users are local to CUCM and have no dependency on LDAP once it's configured, any end user which is synced via LDAP, is either active / inactive and ultimately deleted.

AFAIK the only way to prevent this would be to disable all together the LDAP sync/auth.



If this helps, please rate



if this helps, please rate
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: