11-08-2021 06:16 AM
I want to change the LDAP attribute for the user id from sAMAccountName to userPrincipalName, but I need to delete all LDAP directories and disable the LDAP authentication before it will allow me. What are the consequences of doing this? If I delete them, make the change, then add the LDAP directories and authentication back, will that change anything with the current connected LDAP users other than the user id field?
I just want the userid to pull from a different field in AD to keep the usernames in our environment the same and prevent users from having to remember a different user name.
11-08-2021 08:48 AM - edited 11-08-2021 08:49 AM
AFAIK, the users with the new User ID will be pulled and the old users will get removed during the garbage time, which normally happens at 3:15 AM and after 24 hours.
11-08-2021 09:05 AM
As long as it is the same LDAP servers and the same GUID is used, you SHOULD be OK. CUCM is using the GUID underneath the covers. Once it syncs up, it should just update the user ID field in CUCM to the new attribute you are using.
I have done this several times. As long as everyone has a UPN defined, it should work.
11-08-2021 09:39 AM
With all other LDAP platforms, the attribute that is mapped to User ID is the key for that account in Unified CM. Changing that attribute in LDAP will result in a new user being created in Unified CM, and the original user will be marked inactive.
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab12/collab12/directry.html
11-08-2021 10:17 AM
Good point. I was assuming they were using AD.
If it is AD, you can switch from sAMAccountName to UPN and it will update the user name in CUCM.
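
Added example, not part of any reply in this thread: a pre-change check for the "everyone has a UPN defined" condition mentioned above, run against an LDIF export of the AD user objects. The sample entries and the function names are constructed for illustration, and the case-insensitive duplicate-UPN check is an extra assumption about what would collide as a User ID.

```python
import collections

# Constructed sample: LDIF-style export of three AD user entries (not real data).
SAMPLE_LDIF = """\
dn: CN=Alice Ng,OU=Staff,DC=example,DC=test
sAMAccountName: ang
userPrincipalName: alice.ng@example.test

dn: CN=Bob Ruiz,OU=Staff,DC=example,DC=test
sAMAccountName: bruiz

dn: CN=Alice N,OU=Contractors,DC=example,DC=test
sAMAccountName: an2
userPrincipalName: Alice.Ng@example.test
"""

def parse_ldif(text):
    """Yield one dict per entry; handles blank-line separators and folded lines.
    Base64 values (key:: value) are kept encoded; multi-valued keys keep the last value."""
    entry, last = {}, None
    for line in text.splitlines() + [""]:
        if not line.strip():
            if entry:
                yield entry
            entry, last = {}, None
        elif line.startswith(" ") and last:
            entry[last] += line[1:]          # LDIF continuation line
        elif line.startswith("#"):
            continue                         # comment line
        else:
            key, _, value = line.partition(":")
            last = key.strip()
            entry[last] = value.lstrip(": ").strip()

def upn_preflight(text):
    """Return (accounts with no UPN, UPNs shared by more than one account)."""
    missing, seen = [], collections.defaultdict(list)
    for e in parse_ldif(text):
        name = e.get("sAMAccountName", e.get("dn", "?"))
        upn = e.get("userPrincipalName", "")
        if not upn:
            missing.append(name)             # would have no value to map to User ID
        else:
            seen[upn.lower()].append(name)   # assumption: compare case-insensitively
    dupes = {u: n for u, n in seen.items() if len(n) > 1}
    return missing, dupes

if __name__ == "__main__":
    missing, dupes = upn_preflight(SAMPLE_LDIF)
    print("no UPN:", missing)
    print("duplicate UPN:", dupes)
```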