cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
452
Views
0
Helpful
1
Replies

need to search a large corporate directory but have a small OVA template for CUCM

alalli
Level 2
Level 2

Hi All

I have a question about needing to search a large corporate directory (approximately 4500  users) but have a CUCM OVA template that limits me to 1000 users.

 

 

I have read the sizing guidelines and it seems to indicate that the system does not force the user accounts to the ova template limit.

The note below does not give me any information about how far you could exceed the maximum number of users though.

 

 

Note Cisco supports the synchronization of user accounts up to the limit mentioned above, but it does not enforce this limit. Synchronizing more user accounts can lead to starvation of disk space, slower database performance, and longer upgrade times.

 

 

I was wondering if anyone has tried this sort of thing and ran a cluster while exceeding the user limits.  If so,  how far did they exceed the users limit and what impact did it have on disk space.

 

 

I also need to ask what the implication of exceeding the user limit might be on any SLA with Cisco.      I have a feeling that Cisco just might not want to support something did not follow the SRND guidelines.

 

 

I would also love to hear if anyone is using one of the third party products to query that large AD database for the telephones.

 

That three different questions....  so sorry for the bulk blast.

 

 

Thank you for any information

 

Regards

 

 

 

 

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/sizing.html

 

LDAP Directory Integration

The Unified CM Database Synchronization feature provides a mechanism for importing a subset of the user configuration data (attributes) from the LDAP store into the Unified CM publisher database. Once synchronization of a user account has occurred, the copy of each user's LDAP account information may then be associated to additional data required to enable specific Unified Communications features for that user. When authentication is also enabled, the user's credentials are used to bind to the LDAP store for password verification. The end user's password is never stored in the Unified CM database when enabled for synchronization and/or authentication.

User account information is cluster-specific. Each Unified CM publisher node maintains a unique list of those users receiving Unified Communications services from that cluster. Synchronization agreements are cluster-specific, and each publisher has its own unique copy of user account information.

The maximum number of users for a Unified CM cluster is limited by the maximum size of the internal configuration database that gets replicated between the cluster members. Currently the maximum number of users that can be configured or synchronized is 80,000. To optimize directory synchronization performance, Cisco recommends considering the following points:

  • Directory lookup from phones and web pages may use the Unified CM database or the IP Phone Service SDK. When directory lookup functionality uses the Unified CM database, only users who were configured or synchronized from the LDAP store are shown in the directory. If a subset of users is synchronized, then only that subset of users is seen on directory lookup.
  • When the IP Phone Services SDK is used for directory lookup, but authentication of Unified CM users to LDAP is needed, the synchronization can be limited to the subset of users who would log in to the Unified CM cluster.
  • If only one cluster exists, if the LDAP store contains fewer than the maximum number of users supported by the Unified CM cluster, and if directory lookup is implemented to the Unified CM database, then it is possible to import the entire LDAP directory.
  • If multiple clusters exist and if the number of users in LDAP is less than the maximum number of users supported by the Unified CM cluster, it is possible to import all users into every cluster to ensure directory lookup has all the entries.
  • If the number of user accounts in LDAP exceeds the maximum number of users supported by the Unified CM cluster and if the entire user set should be visible to all users, it will be necessary to use the Unified IP Phone Services SDK to off-load the directory lookup from Unified CM.
  • If both synchronization and authentication are enabled, user accounts that have either been configured or synchronized into the Unified CM database will be able to log in to that cluster. The decision about which users to synchronize will impact the decision on directory lookup support.

Note Cisco supports the synchronization of user accounts up to the limit mentioned above, but it does not enforce this limit. Synchronizing more user accounts can lead to starvation of disk space, slower database performance, and longer upgrade times.

 

 

1 Reply 1

Chris Deren
Hall of Fame
Hall of Fame

I have never heard of OVA size affecting directory search, 4500 users is frankly not that many so I would not worry about it.

With that being said if you have room for additional resources on you server I always recommend using the 7500 user OVA.