Showing results for 
Search instead for 
Did you mean: 

PMP License association with Users

Sushant Sharma

Dear Experts,

Is there any way to associate specific users with PMP licenses.

I have 1000 users in my AD and I want to associate these 25 licenses to specific users without changing anything in AD, I don't want to create separate OU for these 25 users.


For anyone that you want to assign a PMP license to, you will need to have those users within their own AD group, it's not possible to specify which users within a group will get a PMP license.

So you mean to say if I have different users from different groups I cannot associate, For them, i need to create one OU in AD and then need to import to TMS ???

This is very bad man how we will make customers agree to change the AD configuration 

Correct, Conductor will raise an alarm when the number of PMP license owners exceeds the number of installed PMP licenses.

You do not need to create a new OU necessarily.  As long as all the users required currently belong to the same OU (even if they're not the only members), then you can use an LDAP filter to get only the users you want. There are many possible filters, and the right one will depend how users are currently setup, and other variables. There are many online resources on how to setup LDAP filters, as well as the CMS Deployment Guides. The simplest is usually to make the CMS users part of the same Group, and filter on that.

You can create a group within TMSPE that identifies your PMP users, and use LDAP filters to import users allowed to have a PMP license.  The filter could be based on an identifier within their AD profile, or it could import users that are a member of a specific AD group that contains only your PMP users.

My comments above were based on just that:

  1. Create a security group within AD (not to be mistaken with an OU) that contained the PMP users
  2. Create a group within TMSPE, and import the members of the AD security group by use of an LDAP filter.

One thing to note, that on any other group, you will need to make sure you omit any PMP user that is a member of the AD security group that you're importing.  If you do not and the user is a member of more than one TMSPE group, that user will then start to be moved from group to group when TMSPE syncs the groups with AD.

Anthony, i am agreed with your points we can use LDAP filters. How we will do filtering if I want to use random users from my AD-like directors, Managers, IT Admins and so on.

is there any solution for this  ???

cisco should put some option in TMSPE inside to associate PMP licenses with a specific user.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: