LDAP integration for CUCM with more than 5 domain controllers or directly to Forest

mohamedrishin · ‎05-30-2011

Hi All,

I am doing an integration of LDAP with CUCM. I have around 11 dc and there is a limitation in LDAP directories in CUCM that maximum 5 LDAP directories can be created. Is there any workarounds for this or can I directly integrate with the forest?

If it can be done, how do I set my authentication

Regards,

Mohamed

ashok_boin · ‎05-31-2011

Hi Mohammed,

I guess you can directly integrate with AD Forest by utilizing UPN (User Principal Name) attribute and this attribute should be mapped to CUCM User ID. For authentication, CUCM will not allow to enter LDAP search base in this case as the search base is automatically dervived from UPN.

Please follow the procedure given in below article.

https://supportforums.cisco.com/docs/DOC-14782

Regards...

-Ashok.

With best regards...
Ashok

mohamedrishin · ‎05-31-2011

Thanks Ashok

If a.b.c is the forest name, I will mention in the user search base for LDAP directory as dc=a,dc=b,dc=c

Then userID will be UPN and I will apply filters to avoid not needed domains.

Am I in the right path?

Thanks,

Mohamed

ashok_boin · ‎05-31-2011

Hi Mohammed,

As mentioned in the article, you will not get an option to enter LDAP search base as soon as you map CUCM User ID with UPN name of AD. The LDAP search base will get automatically computed with UPN Name.

If you want LDAP search base filtering, then I guess you should not use UPN but need to follow the restriction of 5 domains.

Regards..

-Ashok.

With best regards...
Ashok