I tried it as well and it does not work. In the end I added the users using the default password in the cred policy. I also tried to update the user password via BAT 'update users' but no go. There was no error but the password did not get updated.

The cucm is ldap synced and authenticated. I temporarily disabled the ldap authentication and it worked. So CUCM 10 although you can have both local and ldap synced users it does not update passwords of local users when you have ldap authentication turned on. This is a left over I guess from the pre 9.X version of CUCM

Clearly a bug that needs to be addressed

Hope this helps save somebody else's time

Regards,

Christos

Christos,

Didn't you lose your user information in CUCM when you disabled the LDAP authentication? I get a warning that it will remove all the data if I do that....

Gregory - Default Credential Policy is set, I have password & pin defined in my CSV file. It's a very simple user import file format:

FIRSTNAME,LASTNAME,USERID,PASSWORD,DEPARTMENT,PIN,TELEPHONENUMBER

UserFirst,UserLast,Uname,Password1,ABC,12345,99999

I don't think 9.x will allow BAT imports of users with LDAP enabled..... but still hopeful.

That's strange because no matter how many times I tried it never managed to update the password. There was no error reported on the BAT file but only this

----------------------------------------------------------------------

Warning :

LDAP Sync status is enabled.Some fields cannot be updated.

******** NO ERROR FOUND *******

Result Summary :

UPDATE for 81 USERS passed.

UPDATE for 0 USERS failed.

------------------------------------------------------------

Of course none of the 81 users got the password updated. I checked it by trying to login to the ccmuser pages where it was still the password from the default credential policy.

The warning gave me the hint to just disable the ldap authentication for a few minutes in order to start my bat update. I used the same file as always and that time it worked. I then re-enabled the ldap authentication and everything went ok. Of course if you disable the ldap authentication, synced users will not be able to authenticate but for me it was for a few seconds and I did it during out-of-business hours.

In 9.X there is a warning but in 10.X there is no such warning for some reason :)

Regards,

Christos

You wont loose anything related to LDAP affects only local users.  Set the default password for local users before importing, it will work great.

Gregory...

Okay, even though there was a Default Cred Policy set I wasn't aware the password had been deleted, I set a password and now am able to import non-LDAP users into CUCM 9.1(2). Thank you for the assist, 5 stars and appreciated!

-C-

Happy I could help!

I had the same issue as cary.chapman and this fixed it.

I was hesitant at first, because I didn't want the Default Credential Policy to overwrite what passwords AD users had. For anybody else looking at this, the Default Credential Policy only effects local users.

Thanks Gregory! You saved me from having to enter a lot of end users manually.

Gotta love Cisco, "Password should be specified either in CSV file or default credential for Password should be set" - no, even if you set the password in the CSV you still need to set a password in the Default Credential Policy. Argh!