02-03-2017 04:53 PM - edited 03-17-2019 09:25 AM
Hi,
I'm trying to integrate a CUCM 11.5 with an LDAP like this:
- One forest
- Multiple domains connected to the forest (for example, avvid.com and voice.com)
- Each domain has UPN suffixes, applied to the users, for example:
  - John Doe's UPN is john.doe@lab.com, the sAMAccountName is jdoe and it is located in the domain avvid.com
  - Phil Doe's UPN is phil.doe@avvid.com, the sAMAccountName is phil.doe and it is located in the domain avvid.com
  - Jane Doe's UPN is jane.doe@test.com, the sAMAccountName is jdoe2 and it is located in the domain voice.com
  - Mary Doe's UPN is mary.doe@voice.com, the sAMAccountName is mdoe and it is located in the domain voice.com
With this scenario only the users with a UPN suffix that equals the domain can log in. That means that Phil and Mary can log in, but John and Jane can't. It is as expected according to the SRND because the CUCM sends the bind to the LDAP based on the UPN and, as long as DC=lab,DC=com or DC=test,DC=com do not exist, it fails. How can this AD be integrated? Could AD/LDS help?
Regards,
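
An added example, not part of the original post: a small audit that takes a user export and lists the accounts whose UPN suffix does not correspond to any domain in the forest, which are the accounts that fail under the bind behaviour the post describes. The DNs in the sample export are constructed, the function names are hypothetical, and the parser only handles plain `attr: value` LDIF lines.

```python
import re

# Constructed export: the DNs are assumed; UPNs and sAMAccountNames are the post's four users.
SAMPLE_LDIF = """\
dn: CN=John Doe,CN=Users,DC=avvid,DC=com
sAMAccountName: jdoe
userPrincipalName: john.doe@lab.com

dn: CN=Phil Doe,CN=Users,DC=avvid,DC=com
sAMAccountName: phil.doe
userPrincipalName: phil.doe@avvid.com

dn: CN=Jane Doe,CN=Users,DC=voice,DC=com
sAMAccountName: jdoe2
userPrincipalName: jane.doe@test.com

dn: CN=Mary Doe,CN=Users,DC=voice,DC=com
sAMAccountName: mdoe
userPrincipalName: mary.doe@voice.com
"""

def parse_entries(ldif):
    """Parse simple 'attr: value' LDIF records separated by blank lines."""
    entries = []
    for block in re.split(r"\n\s*\n", ldif.strip()):
        entry = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                entry[key.strip().lower()] = value.strip()
        if entry:
            entries.append(entry)
    return entries

def domain_from_dn(dn):
    """'CN=x,DC=avvid,DC=com' -> 'avvid.com' (the domain that holds the object)."""
    return ".".join(p.lower() for p in re.findall(r"(?:^|,)\s*DC=([^,]+)", dn, re.I))

def audit_upn_suffixes(ldif):
    """Return users whose UPN suffix names no domain that exists in the export."""
    entries = parse_entries(ldif)
    domains = {domain_from_dn(e["dn"]) for e in entries}
    flagged = []
    for e in entries:
        suffix = e.get("userprincipalname", "").rpartition("@")[2].lower()
        if suffix not in domains:
            base = ",".join("DC=" + label for label in suffix.split("."))
            flagged.append((e["samaccountname"], domain_from_dn(e["dn"]), base))
    return flagged
```

Each tuple returned is (sAMAccountName, home domain, base DN implied by the UPN suffix), so the output doubles as a list of accounts to test after any change to the integration.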