01-27-2016 11:28 PM - edited 03-17-2019 05:39 AM
Suppose CUCM is integrated with LDAP and it's configured to re-sync every hour. If the LDAP server is down for 24 hours what happens to the users in CUCM? Will they be marked inactive?
Solved! Go to Solution.
01-28-2016 03:40 AM
Hi,
Merely loss of connectivity with AD server will not mark them inactive. If the synchronization agreement configured under LDAP Integration on cucm is deleted then they will be marked active. As per the SRND "Once users are synchronized from LDAP into the Unified CM database, deletion of a synchronization configuration will cause users that were imported by that configuration to be marked inactive in the database. Garbage collection will subsequently remove those users."
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/directry.html
However, if you have configured LDAP authentication as well then end user logins and services would be affected.
That's why you have the option to add upto three AD servers for Directory integration as well as authentication for high availability.
Manish
01-27-2016 11:40 PM
Hello,
Here is the document with the explanation:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/directry.html#pgfId-1067953
It clearly explains everything in details with a example.
Rate the post accordingly.
Regards,
Kevin Monteiro
01-28-2016 12:33 AM
"If none of the directory servers responds, then the synchronization fails, but it will be attempted again according to the configured synchronization schedule."
So CUCM will keep trying indefinitely?
01-28-2016 03:37 AM
Seems that way.
One sync attempt per hour is not going to put much strain on the network.
If your LDAP server is down for more than an hour, you have bigger issues than just the CUCM sync ;)
01-28-2016 03:40 AM
Hi,
Merely loss of connectivity with AD server will not mark them inactive. If the synchronization agreement configured under LDAP Integration on cucm is deleted then they will be marked active. As per the SRND "Once users are synchronized from LDAP into the Unified CM database, deletion of a synchronization configuration will cause users that were imported by that configuration to be marked inactive in the database. Garbage collection will subsequently remove those users."
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/directry.html
However, if you have configured LDAP authentication as well then end user logins and services would be affected.
That's why you have the option to add upto three AD servers for Directory integration as well as authentication for high availability.
Manish
01-28-2016 06:29 AM
No, it will not continue indefinitely, did you read the link and how the garbage disposal mechanism works?????
01-28-2016 08:47 AM
Re-read my question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide