cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3290
Views
0
Helpful
4
Replies

Updating LDAP User Search Base

Jacob Berger
Level 2
Level 2

Using CUCM 8.6.2

Under LDAP Authentication

i would like to update the search base from a specific OU to the root of the domain.

what steps do i need to take to do this and will the current user list be affected by this change?.

2 Accepted Solutions

Accepted Solutions

jonathanwalton
Level 1
Level 1

your current user base will not be effected.  After you create your new directory that points at the root,be sure to press the force sync button.  wait a few minutes and check your users.  If there is a problem, you have at least 24 hours to fix it before the trash collected deletes the accounts flagged as deactive.

View solution in original post

1. This is Ok, you can have up to 5 LDAP directory integrations.

2. You can only have a single LDAP authentication, so you need to define the LDAP container so that it enlists all users you want to be able to authenticate.

HTH,

Chris

View solution in original post

4 Replies 4

Chris Deren
Hall of Fame
Hall of Fame

delete the current one and create a new one with desired settings.

Chris

Sent from Cisco Technical Support iPad App

jonathanwalton
Level 1
Level 1

your current user base will not be effected.  After you create your new directory that points at the root,be sure to press the force sync button.  wait a few minutes and check your users.  If there is a problem, you have at least 24 hours to fix it before the trash collected deletes the accounts flagged as deactive.

Jacob Berger
Level 2
Level 2

thanks to all

2 questions

1. i created an additional directory i now have 1 pointing to a specific OU and one pointing to the root domain ( which contains the above specific OU amongst others) i want to be sure i don't loose users, is that ok for now or must i delete the original directory pointing to specific OU?

2. i am using LDAP authentication, it is pointing to the above specific OU. Because of security concerns i am not interested in authenticating the root domain but want the root domain synced to make sure that user don't get deleted if mistakenly moved to non synced OU. Is there a problem with such a design?

thanks again

1. This is Ok, you can have up to 5 LDAP directory integrations.

2. You can only have a single LDAP authentication, so you need to define the LDAP container so that it enlists all users you want to be able to authenticate.

HTH,

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: