01-18-2021 10:09 AM
I wanted to know if I change the ad so that users have a new domain, those that are currently and that have a device associated, are they deleted? I mean the ones that I will import is the same user id but what changes the @domain. someone happened this scenario? the idea is just to change the SRVs pointing to the FQDNs and see the user validation in the AD. thanks
01-18-2021 10:37 AM - edited 01-18-2021 01:54 PM
Even if the actual user name is the same the user would have a different GUID (Global Unique Identifier). So in reality the user objects are different. As of this all users from the old domain would be lost.
01-18-2021 10:48 AM
I understand, and being able to sync from two different ADs to have the two users. Example user1@example1.com and user1@example2.com This is possible. From what I read it is not possible. I am right?
thanks
01-18-2021 10:24 PM
Depending upon how you define the user ID in CM for the directory you could get both users to show up from the two domains. You can setup synchronisation with multiple domains, but only one of these can be used for authentication. If you want to use authentication for both you’ll need to have both domains joined together by some Microsoft thing, ADAM I think it’s named. Then you’ll point to that for authentication.
01-18-2021 01:33 PM
With all other LDAP platforms, the attribute that is mapped to User ID is the key for that account in Unified CM. Changing that attribute in LDAP will result in a new user being created in Unified CM, and the original user will be marked inactive.
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab12/collab12/directry.html
If the ObjectGUID changes by doing what you plan, then you'd end up with new users.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide