cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1449
Views
9
Helpful
9
Replies
Highlighted
Beginner

CUCM & LDAP integration

Hi,

Is it possible to integrate CUCM 8.0.3 with two different Microsoft AD forest for end user syncronization & authentication? If yes please let me know how?

Regards,

AJ

9 REPLIES 9
Highlighted
Contributor

Hi AJ,

As far as I know, it's not possible to integrate CUCM with 2 different AD forests. It supports only a single AD forest at max with multiple trees/domains.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html

Regards...

-Ashok.


With best regards...
Ashok
Highlighted
Beginner

Highlighted

Hi Hillman,

Thanks for the link.

I have gone througth SRND in detail & it does not describe about multi - forest integration.

The other documnet require ADAM server for CUCM & multi forest AD integration. Is ADAM compulsary for multi forest integration. Will authorization also work in multi forest deployment?

Regards,

Abhas Jain

Highlighted

Disclaimer: I have not deployed myself, but it seems rather intuitive.

From what I have read it would be required, otherwise you would not be able to authenticate against a second, third, etc. forest.

Highlighted
Hall of Fame Cisco Employee

Note Microsoft Active Directory  Application Mode support is limited to those directory topologies  already supported with a native Active Directory connection. No  additional topologies, such as multi-forest, multi-tree single forest,  or global catalog are supported.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/8_0_2/ccmsys/a04direc.html

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate
Highlighted

So when Cisco speaks out both sides of it's mouth is the SRND the official doctrine?

Highlighted

I didn't mean that to be as snarky as it sounded.  I mean it literally.  Which one of the conflicting articles "wins?"

Highlighted

I think it might also be worth pointing out that synchronization and authentication are two different pieces that are only tangentially related.  You can pull users from multiple forests without ADAM, but authentication will require a single sign-on proxy esch. device.

Highlighted
Hall of Fame Cisco Employee

The info does seem conflicting, I found another place with the same statement. But a note on how to configure this.

Microsoft Active Directory Application Mode  support is limited to those directory topologies already supported with a  native Active Directory connection. No additional topologies, such as  multi-forest, multi-tree single forest, or global catalog are supported.

http://www.cisco.com/en/US/partner/docs/voice_ip_comm/cucm/rel_notes/8_0_1/delta/cmadmin.html

How to Configure Unified Communication Manager  Directory Integration in a Multi-Forest Environment

http://www.cisco.com/en/US/partner/products/sw/voicesw/ps556/products_configuration_example09186a0080b2b103.shtml

Since there is a whole note on this, it appears to be supported.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate