Solved: George is correct, it seems

owaisqadri · ‎02-17-2015

Dear all,

I need help how to configure LDAP search base with multiple OU. In the current setup customer is having users in multiple OU in AD 2008 R2. I am able to configured the LDAP integration with single OU but when i tried to configure the same with multiple OU it gives error " Search base not configured properly.

current configured OU=Newham,DC=Ahh,DC=com working fine

Required

CN=Users,OU=Newham,OU=NewhamDesktop,DC=Ahh,DC=com ( giving error Search base not configured properly )

Chris Deren · ‎02-18-2015

Here are your choices:

1. if you need all users from any containers from your LDAP then add only this one:

DC=Ahh,DC=com

2. If you need ONLY users from specific OUs, then create one integration for each OU:

CN=Users, DC=Ahh,DC=com - not sure if you needed this one as well

OU=Newham, DC=Ahh,DC=com

OU=NewhamDesktop, DC=Ahh,DC=com

For LDAP Authentication you can only have 1 entry, so use:

DC=Ahh,DC=com

View solution in original post

George Thomas · ‎02-17-2015

Looks like you want users from the 2 OUs and 1 container. It should look like this:

CN=Users, DC=Ahh,DC=com

OU=Newham, DC=Ahh,DC=com

OU=NewhamDesktop, DC=Ahh,DC=com

You will need to create multiple sync agreements to cover the above search bases.

Please rate useful posts.

owaisqadri · ‎02-18-2015

Hi George ,

i tired this scenario but it gives error as wrong ldap search base error is attached

Chris Deren · ‎02-18-2015

George is correct, it seems like you are trying to bundle them together instead of separating them as:

OU=Newham, DC=Ahh,DC=com

OU=NewhamDesktop, DC=Ahh,DC=com

The fist one you already have and is working, what happens when you add another sync for the second one as listed above?

Also, which container is the cucmldap user created under? Make sure it is either under DC=Ahh,DC=com or use a different user under specific container.

owaisqadri · ‎02-18-2015

Hi chris,

Yes you are correct i am trying to bundle them together. when i test sync for second one it is also working fine.

cucmldap user is under Users Container under DC=Ahh,DC=Com

Active directory screen shot is attached for your reference

Chris Deren · ‎02-18-2015

OK, so are you good now?

You can have up to 20 LDAP integrations with CUCM 10+ and up to 5 with 9.1 and below.

owaisqadri · ‎02-18-2015

if i bundle them together it is not working if i configure the same individually under search base than only it works.

Chris Deren · ‎02-18-2015

That is how it works, you do not bundle them together, this is the reason you can have up to 20 of them.

owaisqadri · ‎02-18-2015

So if i understand correctly you mean to same that i need to create 3 different search base under 3 different LDAP directory configuration

Chris Deren · ‎02-18-2015

Here are your choices:

1. if you need all users from any containers from your LDAP then add only this one:

DC=Ahh,DC=com

2. If you need ONLY users from specific OUs, then create one integration for each OU:

CN=Users, DC=Ahh,DC=com - not sure if you needed this one as well

OU=Newham, DC=Ahh,DC=com

OU=NewhamDesktop, DC=Ahh,DC=com

For LDAP Authentication you can only have 1 entry, so use:

DC=Ahh,DC=com

owaisqadri · ‎03-01-2015

Hi Chris,

It worked after created one integration for each OU .

Jaime Valencia · ‎03-01-2015

+5 to Chris, and to whoever rated one, that's no way to show appreciation for someone who solved YOUR issue for free.

That's the fast lane for getting no answers to your queries in no time here.

HTH

java

if this helps, please rate

Chris Deren · ‎03-02-2015

Thank you very much Jamie, I hope it was an honest mistake from owaisqadri and he can perhaps rate it appropriately when he has a chance :-)

LDAP Integration with CUCM 8.6 with Multiple OU in 2008 R2