Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
804
Views
20
Helpful
7
Replies

EMCC between CUCM 9.x and 8.x

Go to solution
Cristian Boboc
Level 1
Level 1

‎01-30-2014 10:30 AM - edited ‎03-16-2019 09:31 PM

Hi,

I have to implement the EMCC feature between CUCM version 9.x and 8.x and Cisco documentation doesn't specify anything about this scenario.

The users exist in both clusters as the LDAP integration is pointing to the same AD.

In version 9.x exist the option to specify (check) the home cluster in the end user configuration but not in version 8.x

Does anybody knows what is the behaviour in this situation? If we check the Home cluster option for users belongs to cluster 9.x than we can have these users in cluster 8.x as well?

What about the users from cluster 8.x? If we don't check the home cluster option for these users in cluster 9.x than the CUCMs will assume that these users belongs to cluster 8.x?

Do we still have to have unique users ID in both clusters?

Thanks

1 person had this problem
Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎01-30-2014 10:37 AM

Yes, on your scenario you would need unique IDs for this to work, otherwise, all users on 8.X cluster will be treated as local users as they do exist in the directory.

That, or upgrade that one to 9.X as well.

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

View solution in original post

Go to solution
Aditya Gupta
Cisco Employee
Cisco Employee
In response to Cristian Boboc

‎01-30-2014 11:05 AM

Hi Cristian

As Jaime mentioned above, this feature only works if you are using CUCM 9.X as this was included as a part of an enhancement to 8.X,  mentioned below :

CSCte96183

https://tools.cisco.com/bugsearch/bug/CSCte96183/?referring_site=ss

Prior to CUCM 9.X CUCM, IF you have two CUCM clusters synced to a same LDAP server, you need to ensure that they donot have same users, else you EMCC features does not work.

"Home Cluster" option you are mentioning above will only be helpful from the 9.X perspective but your other CUCM(8.X) will still treat all the users as local

Regards

Aditya Gupta

View solution in original post

Go to solution
Aditya Gupta
Cisco Employee
Cisco Employee
In response to Cristian Boboc

‎01-30-2014 11:54 AM

Yes, you can LDAP Filters

As per SRND, An attribute specified in the filter can be any attribute that exists in the LDAP directory store, and it does not have to be one of the attributes that is understood and imported by Unified CM. The attribute is used only on the LDAP server to select data, and the corresponding entries will have a subset of their data imported into Unified CM.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html#wp1084415

Just to give you an example for Active Directory:

Syntax:

(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))

This filters where the object:

*   Is an end-user AND is not a computer AND User Account is not disabled AND

has the ipPhone field populated with any value

for syntax see

http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx

No problems with LDAP Filters is my experience.

you can use free tools like Softerra LDAP Browser or JXplorerto test your Filter

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_configuration_example09186a0080b2b103.shtml

Aditya Gupta

View solution in original post

7 Replies 7

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎01-30-2014 10:37 AM

Yes, on your scenario you would need unique IDs for this to work, otherwise, all users on 8.X cluster will be treated as local users as they do exist in the directory.

That, or upgrade that one to 9.X as well.

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

Go to solution
Cristian Boboc
Level 1
Level 1
In response to Jaime Valencia

‎01-30-2014 10:43 AM

Thank you for your answer.

Do you mean that I need all the users (users belongs to both cluster 9.x and 8.x) to be unique IDs?

Checking or unchecking the Home cluster option on cluster 9.x doesn't change any behaviour?

Thx.

0 Helpful

Go to solution
Aditya Gupta
Cisco Employee
Cisco Employee
In response to Cristian Boboc

‎01-30-2014 11:05 AM

Hi Cristian

As Jaime mentioned above, this feature only works if you are using CUCM 9.X as this was included as a part of an enhancement to 8.X,  mentioned below :

CSCte96183

https://tools.cisco.com/bugsearch/bug/CSCte96183/?referring_site=ss

Prior to CUCM 9.X CUCM, IF you have two CUCM clusters synced to a same LDAP server, you need to ensure that they donot have same users, else you EMCC features does not work.

"Home Cluster" option you are mentioning above will only be helpful from the 9.X perspective but your other CUCM(8.X) will still treat all the users as local

Regards

Aditya Gupta

Go to solution
Cristian Boboc
Level 1
Level 1
In response to Aditya Gupta

‎01-30-2014 11:35 AM

Thank you.

There is a way to block/filter the users based on the cluster, using the LDAP integration? Or requires a third party application?

0 Helpful

Go to solution
Aditya Gupta
Cisco Employee
Cisco Employee
In response to Cristian Boboc

‎01-30-2014 11:54 AM

Yes, you can LDAP Filters

As per SRND, An attribute specified in the filter can be any attribute that exists in the LDAP directory store, and it does not have to be one of the attributes that is understood and imported by Unified CM. The attribute is used only on the LDAP server to select data, and the corresponding entries will have a subset of their data imported into Unified CM.

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html#wp1084415

Just to give you an example for Active Directory:

Syntax:

(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2))(ipPhone=*))

This filters where the object:

*   Is an end-user AND is not a computer AND User Account is not disabled AND

has the ipPhone field populated with any value

for syntax see

http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx

No problems with LDAP Filters is my experience.

you can use free tools like Softerra LDAP Browser or JXplorerto test your Filter

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_configuration_example09186a0080b2b103.shtml

Aditya Gupta

Go to solution
Cristian Boboc
Level 1
Level 1
In response to Aditya Gupta

‎01-31-2014 06:18 AM

Thank you Aditya and Jaime for the answers.

0 Helpful

Go to solution
richb1971
Level 4
Level 4
In response to Aditya Gupta

‎02-16-2015 01:37 AM

Hi guys,

 

Can you offer any advice:

 

If a user is in midst migration from CM8 to CM10 (same ID) and is marked as Inactive in CM8 - how can they login to EMCC? There's a 24hr period (+garbage collector) when users cannot login with their CM10 profile as it exists on both clusters.

 

How do these users login until they are purged?

 

Rich

0 Helpful
Customers Also Viewed These Support Documents