cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9642
Views
2
Helpful
10
Replies

Local user to LDAP user

zheepern0826
Level 1
Level 1

Hi guys,

 

My end user profile is actually sync from AD to CUCM. I notice there is a checkbox to convert from ldap enabled user to local user . It has successfully convert to local user. Now i want it to be ldap user but there is no option to check. Please advise how to change the user back to LDAP enabled user ?? 

 

Thank you.

1 Accepted Solution

Accepted Solutions

Hi Guys,

Just an update, i tried all ways and it is not working. So i remove the user account in AD and recreate. after full sync, I can see in CUCM.

Thanks

View solution in original post

10 Replies 10

BradEast1
Level 3
Level 3

If you run a manual synchronization it should convert back to LDAP.

 

System --> LDAP --> LDAP Directory --> Select Directory --> Perform Full Sync Now

Hi BradEast1,

 

I tried to do a full sync but the user profile still not convert to ldap user.

 

Please advise any other method we can use ?

 

Thank you.

Hi There,

 

Do the users you are importing from LDAP have the exact same "userid" as the existing local users?

Hi Jonathan,

yes, the profile was actually sync from ldap to cucm. i check the convert ldap to local user checkbox and user profile become local now. I tried performed full sync many times but the profile still remain local.

Did you try deleting the local user and manual sync one more time ?

Please let me know if that works. Also make sure LDAP user has all mandatory field filled in.

Hi,

 

We tried to delete the local user profile and perform a full sync. However, we still unable to get the user profile. I have double check the AD and make sure all the mandatory field has been filled in.

 

Is there any logs i can grab from the CUCM to see why it is not sync ?

 

Thank you.

Yes, you can see logs

issue the below command

admin:file list activelog cm/trace/dirsync/log4j/ det date so you can see the files with date.

 

then file tail activelog cm/trace/dirsync/log4j/dirsyncxxxx.log

and you can try manual sync. you will be able to see some output.

 

What about if you create a new user ? Is that syncing ?

 

Hi guys,

 

based on the logs, i see below details.

 

2017-11-28 16:10:45,710 DEBUG [DirSync-DBInterface] common.DSRTMTUpdate (DSRTMTUpdate.java:51) - DSRTMTUpdate.incrementAccountsFailed Incrementing Accounts Failed counter
2017-11-28 16:10:45,710 DEBUG [DirSync-DBInterface] common.DSRTMTUpdate (DSRTMTUpdate.java:52) - DSRTMTUpdate.incrementAccountsFailed Accounts sync may fail either End user sync failed or DN -FGT creation failed
2017-11-28 16:10:45,710 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:607) - DSDBInterface.updateUserInfo Error code=-746
2017-11-28 16:10:45,710 ERROR [DirSync-DBInterface] common.DSDBInterface (DSDBInterface.java:608) - DSDBInterface.updateUserInfo java.sql.SQLException: 19190
MESSAGE 19190

 

Any idea what cause this to happen ?

 

Thank you very much in advance.

Hi Guys,

Just an update, i tried all ways and it is not working. So i remove the user account in AD and recreate. after full sync, I can see in CUCM.

Thanks

GI Alex
Cisco Employee
Cisco Employee

Even removing the local user is not needed. Just Perform Full Sync through CM Admin > System > LDAP > LDAP Directory > Find > Directory > Perform Full Sync (button should change to Cancel Syncing... if it doesn't restart Cisco DirSync Feature service in Serviceability).

Kind regards,
Alex