cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
390
Views
0
Helpful
3
Replies

If I import LDAP user to new CUCM where no LDAP config, then would they become LDAP User or Local User ?

best2sons
Level 1
Level 1

Dear Cisco UC Experts,

I have a new project, A company will take over B company IP Phones and employees.
So I have to build new CUCM12.5 in to new UCS Server and do basic configuration.
After that, I need to import phones, device profiles, end users from company B exiting CUCM export BAT data.
When I setup new CUCM, AD with user data will not be ready, after 2 months, AD will be ready.
So I have a concern about this LDAP synced end user import as phones and EM has user information and need to create user on CUCM.

I have few question and need your advice.

1. When I import user from BAT from B company CUCM to new CUCM12.5 where no LDAP sync config, how is the status of this user ?  is it LDAP User(Active or InActive ??) or Local User ??


2. When I import LDAP Synced enduser from B company CUCM BAT to A company new CUCM12.5, would these imported new user be LDAP inactive user and removed after next garbage collection time ? what will happen after importing ?

 

3. If they are supposed to remove, then should I change them to Local User ?
If yes, then when AD Sync is ready, Can I change back to LDAP Sync, then will they become LDAP active user again ?

 

4. If they can still be LDAP active user as there is no LDAP Sync, then when AD Sync is ready, Can I change back to LDAP Sync, then will they become LDAP active user again ?

As this situation is not normal, Please share your advice, Thanks in advance.

3 Replies 3

pwenger
Level 3
Level 3

Hello

 

One of the key points will be what field you will use as username when you synchronize your users from LDAP (i.e. SamAccount or mailaddress or...).

 

To your questions:

1: As you don't have an active LDAP synchronization your users will be local users in CUCM after BAT import.

2: As I wrote before, the key point will be what you defined as username. When the CUCM username exists in AD and there is an active LDAP connection, this user will be syncronized and will transform from a local user to a LDAP active user.

3 and 4: When you turn off LDAP Sync the user will stay as inactive for a couple of days and then dissapears. If you want to keep those inactive users you have to switch them manually to local users.

 

Hope this helps

Peter

Hi Peter,

Thanks of your reply, really appreciated.

So your point is as there will no LDAP Sync config, when I import to new CUCM, it should turn out as a Local User, I understand that however anyone test it before ??

 

And if I use same mapping for userid(like sMAaccount - I will request them), then it is very critical to be LDAP active user AUTOMATICALLY when LDAP configured and complete full sync.

But I saw below link in which Local User can not turned out as a LDAP user and he had to delete user on AD and did re-synchronization, then I cannot use this Solution.

Have you or anyone tested local user(with same userid mapping) to LDAP user after re-sync ??

 

https://community.cisco.com/t5/unified-communications/local-user-to-ldap-user/m-p/3219356

 

 

You should have the answer to some of this by just looking at your system, any user that you have right now should show as a local user because there is no LDAP sync active. That exactly how it shows in the end users page.

 

CUCM can have BOTH LDAP and local users.

If a local user's userID matches whatever you're using as userID for the LDAP sync, that user will become an active LDAP user.

If it doesn't match, it will remain as a local user.

HTH

java

if this helps, please rate
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: