08-09-2017 12:45 PM - edited 03-18-2019 12:19 PM
When I convert an "Active LDAP Synchronized User" to a local user account (using the Local using the "Convert LDAP Synchronized User to Local User" checkbox), it works great....until the next scheduled LDAP sync, at which time the account is switched back to it back to an "Active LDAP Synchronized User". Anyway to keep these accounts local?
CUCM v10.5.2.12901-1
08-09-2017 01:07 PM
I'm going to work backwards, for how this is done on our system. (same CUCM version)
System > Ldap > Ldap Directory - Find button pulls up my Company Users, click that link
Ldap Directory Info window, Ldap Custom Filter = mine is "IP_Phone" <-- remember this.
System > Ldap > Ldap Custom Filter - click link on IP_Phone filter
Ldap Custom Filter Info - Filter* = (member=CM= "AD member permission group" )
In your Active Directory or whatever, users are a member of that group above ^.
Removing that group membership from their account should stop sync'ing them.
It's how mine works :)
08-09-2017 01:26 PM
Thanks for the reply, and I'm aware I can use filters to work around this issue, but I'm wondering if there is a way to stop the LDAP-Sync'd account from taking precedence over the local account when there is already a local account with the same ID.
08-09-2017 02:02 PM
No, there is no way to stop this, if the ID of a local user matches that of an LDAP user, it will become an LDAP active user and that is WAD.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide