Thanks Rob,

This is very helpful.

Would you happen to have any détails about how to map the synced user account to Device Profile for EM users? This is an existing environement.

Hi,

Sorry only just noticed this comment.

You would need to use BAT to join up the Device Profile and User Account.  I'll presume you haven't used BAT before so apologies if you already know the basics.

Basically BAT works with an Excel template bat.xlt which can be found by searching "bat" in the "upload / download files" menu option on the BAT Menu.  In the Excel template there is an Update Users tab.  Here you can specify the UserID that needs to be updated, enter the Default Profile and set the Primary Extension.  Use the buttons on the right hand side to convert the sheet to a CSV and upload this CSV to your Call Manager using the Upload / Download Files menu.

In the BAT menu go to Users > Update Users > Custom file and select the file you just uploaded.  Call manager will then go through your CSV and pair up the Device Profiles with the User Accounts that have been synced through LDAP.

Of course the process of getting the UserIDs and Device Profiles into the Spreadsheet is the hardest part.  How difficult this will be will depend on your Active Directory SAMAccount names vs your current username naming convention within Call Manager.

You could try exporting the information from Call Manager first before the initial LDAP sync and then tie up the old CUCM usernames with the new AD usernames.  Perform the initial LDAP Sync and then run your BAT tool.

A more detailed guide for the BAT tool can be found here.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/bat/9_1_1/CUCM_BK_C271A69D_00_cucm-bulk-administration-guide-91.html

Let me know if you need anything else.

Thanks
Rob

Thank you Rob,

In the first reply you mentioned,

no problems with special characters in the name fields.  As long as they don't appear in the SAM account name you should be fine.

and in the last reply

How difficult this will be will depend on your Active Directory SAMAccount names vs your current username naming convention within Call Manager.

I am kind of confiused, Are we going to use SAMAccount names? If yes, how are we going to deal with special characters?

Thanks,

MK

Hi,

Sorry for the confusion.  The second comment about SAMAccount names was not related to special characters.  The SAMAccount name in AD is used to migrate the user accounts across to CUCM, CUCM will use the SAMAccount name from AD as the End User userid for Extension Mobility.

I don't know how your naming convention for current userid's in CUCM compare to the SAMAccount name in your AD environment.  I was trying to explain that you when you export your list of current users from CUCM the userid's will map to a Device Profile.  You need to replace those userid's with the SAMAccount names from AD.  If they were different, that may be a challenge.

I would imagine that you are using the same userid's as the user has in AD which is easy.  Export the User List to Excel.  Delete all Local Users in CUCM.  Import all User Accounts from AD with an initial sync and map the End Users to Device Profiles using the previously exported data.

Hope this clears it up, if not please let me know.

Thanks
Rob

Thanks Rob,

We are going to go through this CUCM and AD integration in couple of weeks. If you don't mind I will update this post as we go through and ask for your help if needed. Hope it's OK with you.

Many thanks,

MK

Would you happen to have a step-by-step document that you can share with me?

Thanks,

MK

Hi MK,

No guide unfortunately.  All the information you need will be in the CUCM Admin guide to take you through the setup of LDAP, pre-requisites etc.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/10_0_1/ccmcfg/CUCM_BK_C95ABA82_00_admin-guide-100.html

Like I say the hardest part is using BAT to reassign your EM Device Profiles to the new LDAP accounts.  Have a play with BAT first on a couple of test users to see what it does and what you need to do for the rest of the users.

The first step, is setting up your LDAP sync.  If users don't have the IP Phone field completed in the Telephones tab of the user accounts in AD, you can put the filter in place that I discussed earlier and you will have control of what gets pulled across.  You can then use a couple of test users to play with and then migrate users over a batch at a time.

Feel free to update this post at anytime, I will do my best to help you, if I'm not available I'm sure you will get a response from someone on here.

Thanks

Rob

Hi Robert,

Hope you're doing well.

I need your help for the issue I have with CUCM-LDAP integration.

The issue is that when I use the telephone number, I am able to sync the LDAP with CUCM but fail when using sAMAcountName. Could you please see if I am doing anything wrong? I have another post on this issue but not getting any answer. I thought you may be able to help me out.

https://supportforums.cisco.com/t5/ip-telephony/ldap-amp-cucm-integration/td-p/3376779/page/2

Please find attached the screenshots that I have uploaded for the other post.

Thanks,

MK

Hi there

Just curious, in the screenshot I can see the same user as Local and Inactive User. Do you want the user-id of the user in phone number  or normal user id (text)?

Reason I asked is , I just did the testing in my lab with both sAMAcountName and Telephone Number.

Worked in both cases.

Hope this Helps

Cheers
Rath!

***Please rate helpful posts***

Were you able to sync tajkarb using sAMAcountName attribute? For some reason, I am able to sync with TelephoneNumber but not with sAMAcountName!

 As you can see in the attached file, I have a LDAP user called tajkarb2 and I also have the same user in the CUCM but not able to sync it with sAMAcountName. As soon as, I modify the sAMAcountName to TelephoneNumber the sync works but it creats another entery in the CUCM database where the user ID is the extension. What I want is to be able to overwirte the existing user in the CUCM datebase with the information coming from LDAP.

Thanks,

MK