Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7988
Views
10
Helpful
3
Replies

Removing CUCM9 LDAP

Go to solution
Adnan Kolakovic
Level 1
Level 1

‎01-30-2013 12:31 AM - edited ‎03-16-2019 03:26 PM

Hi All,

The CUCM 9 had some local users and since then I've enabled synchronization and authentication with LDAP. As it is version9 CUCM, both the LDAP and local users coexist.

Now I wan't to remove all of the LDAP users but leave the previously configured local users. I have removed the LDAP Directory, disabled LDAP authentication and disabled the LDAP sync but no users are marked as inactive.

I know this usually happens when the next sync cycle happens, but as there is no LDAP sync anymore, when will the users (or will they at all) be marked as inactive so that the garbage collection can do its job and delete those users.

Currently, as I've removed LDAP, you cannot see the difference between the local users and the old LDAP users.

Can someone please shed some light on what will happen now, and will the users be eventually removed and when. Thanks,

Adnan

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Adnan Kolakovic

‎01-30-2013 05:51 AM

Unless you checked this option for the users:

Convert LDAP Synchronized User to Local User

The garbage disposal should remove them, once the fixed period of time has passed.

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

View solution in original post

3 Replies 3

Go to solution
Aaron Harrison
VIP Alumni
VIP Alumni

‎01-30-2013 12:37 AM

Hi

I've not looked at this on 9.x, but previously on 8.x there is a status column that indicates whether the user is inactive or not. You can update it to make all the users permanent.

In your case you might not be able to determine which users were and were not present before you attempted the integration - you'd have to take a look at the DB tables to see if there is any info you can use.

The detail re: the status column in the DB is here:

https://supportforums.cisco.com/thread/2131043

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
0 Helpful

Go to solution
Adnan Kolakovic
Level 1
Level 1
In response to Aaron Harrison

‎01-30-2013 12:43 AM

Hi Aaron,

Thanks for your reply. I would like to remove all of the LDAP users, rather then making them permanent, which is the reason I removed the LDAP agreements.

Removing 80,000 users manually might be too much which is why I would like to know if the CUCM will do this automatically and just leave the local users. Thanks,

Adnan

*edit* I just noticed that when I go into the configuration of an end user which was imported using LDAP, for user status is says "Inactive LDAP Synchronized User". This gives me home that in 24hrs when the garbage collection runs, it should delete the user. We will wait and see.

0 Helpful

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee
In response to Adnan Kolakovic

‎01-30-2013 05:51 AM

Unless you checked this option for the users:

Convert LDAP Synchronized User to Local User

The garbage disposal should remove them, once the fixed period of time has passed.

HTH

java

if this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate
Customers Also Viewed These Support Documents