Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
2
Helpful
5
Replies

Deleting Active Enabled LDAP Synchronized User

Go to solution
tyoder
Level 1
Level 1

‎04-28-2023 08:31 AM

I work in the tech department of a school district and I am new to working with our Cisco call manager. I am trying to cleanup phones / voicemail / user lists as they all contain out of date information.

I have been going through our user list and yesterday I deleted three users who are no longer employed with our district. I switched them from "Active Enabled LDAP Synchronized User" to "Enabled Local User" and then deleted them.

They are inactive in our LDAP, but when I checked this morning, they have all returned as "Active Enabled LDAP Synchronized Users."

As far as I can tell, all of the connected systems have them as inactive users, but here they are again.

Any thoughts that could assist me in finding where to look?

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP
In response to tyoder

‎04-28-2023 10:44 PM

This chapter in the CM administration guide outlines the default LDAP filter in CM for AD and some other LDAP sources. Chapter: LDAP Directory Setup 



Response Signature


View solution in original post

5 Replies 5

Go to solution
Roger Kallberg
VIP
VIP

‎04-28-2023 08:51 AM

Do you possibly use a custom LDAP filter in CM for your LDAP synchronisation? The default build in LDAP filter that is in use if no custom filter is in use, includes a filter for not bringing inactive users over, but if you use a custom filter you might have left that part out, so you’d get all states of users brought over.

Apart from this you should not need to do anything related to end user objects in CM as they would be removed by the LDAP synchronisation and the garbage collector in CM that runs daily at 3 am.



Response Signature


Go to solution
tyoder
Level 1
Level 1
In response to Roger Kallberg

‎04-28-2023 11:11 AM

I looked at the LDAP filters and we do have two in place. One is for department and one is for telephoneNumber.

I took over these responsibilities when our network admin left, so the system was already set up. As a result, I do not know how some of the settings interact. Am I wrong in thinking these two fields shouldn't have any effect on my issue?  

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to tyoder

‎04-28-2023 11:41 AM

You can only use one filter definition at a time, but the filter as such can include multiple different filter values. It would be easier if you could share screenshots of your LDAP synchronisation configuration and the filter string that you have in the LDAP filter.



Response Signature


0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to tyoder

‎04-28-2023 10:44 PM

This chapter in the CM administration guide outlines the default LDAP filter in CM for AD and some other LDAP sources. Chapter: LDAP Directory Setup 



Response Signature


Go to solution
tyoder
Level 1
Level 1
In response to Roger Kallberg

‎05-03-2023 06:44 AM

Roger,

Thank you for your assistance. We think we have it figured out.

It appears to have been a LDAP filter that was set up for telephoneNumber. The leaving employees were phone was not removed and the new employees phone was not added. It makes sense now that I understand it better.

0 Helpful
Customers Also Viewed These Support Documents