05-21-2009 10:02 AM - edited 03-18-2019 11:04 PM
Hello,
I'm trying to configure LDAP "sync" between the MeetingPlace Express and my company's AD.
Is there any way to configure 2 different domains in User Base?
e.g. DC=company1,DC=com and DC=company2,DC=com
Thanks in advance...
05-21-2009 10:43 AM
Hi -
Do you mean you are configuring LDAP in your CUCM server? MPE then uses the integration with CUCM and LDAP. It sounds like you may have two distinct trees in your AD forest? Or do you have an empty root above company 1 and company 2 you could use? In the case of a Microsoft AD forest that encompasses multiple trees, some additional considerations apply. Because a single LDAP search base cannot cover multiple namespaces, Unified CM must use a different mechanism to authenticate users across these discontiguous namespaces - which is the universal principal name (UPN). This link covers in detail - http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/directry.html#wp1045381
Look at the Additional Considerations section.
Ginger
05-21-2009 11:03 AM
Not really, I'm trying to configure this on MeetingPlace. I'm syncing directly to the AD trough LDAP. But I need to sync it with two different trees.
In the MPE I can configure to sync with one tree but I wanted to sync with 2 trees simultaneously.
Do you know if it's possible?
Thanks...
05-21-2009 12:44 PM
Hi -
We're using the same version and I checked my configuration. The only way you can configure an external directory via LDAP is to select CallManager 4.X. If you select CallManager 5.X/6.X, these fields get greyed out and you select the AXL parameters instead. Are you using CallManager 4.X? If so, the LDAP search base will be your domain as you indicated. But it does not appear you can code more than one search base here.
Ginger
05-21-2009 03:20 PM
Yes...I configured using Call Manager 4.x so I could use external directory.
I guess it's not possible to configure more than one search base.
I was hoping that someone could have the same situation.
05-21-2009 06:33 PM
does your CUCM have LDAP sync & Auth?
if so, enable axl from MPE to cucm
05-25-2009 03:06 AM
Yes...I'm using CUCM 7 to sync with company's AD.
So I'm trying a different approach: Let's suppose I have synchronization between "company1" tree and CUCM. I want to sync "company2" but only to use Meeting Place resources. Is it possible to configure the CUCM to sync with DC=company2,DC=com but only to use those users in MeetingPlaceExpress?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide