07-25-2011 01:26 PM - edited 03-19-2019 03:20 AM
I have over 400 existing End Users configured in CUCM 8.5. I want to add LDAP Authentication and Synchronization.
After I add the LDAP configuration and perform a sync and assuming the End User accounts are found in LDAP, will the existing Device Association (Controlled Devices) be retained or will I need to re-associate end users to their devices?
07-25-2011 02:05 PM
All existing device associations will be retained. The only thing that changes with matching End User accounts are the fields that are provided via LDAP (ie first name, last name, department, email address etc), everything else about that account will be exactly as it was before you turned on LDAP.
07-25-2011 02:07 PM
Ok. I was worried because when I go in to create a new LDAP integration it warns me that all existing CUCM users not in LDAP will be deleted.
That raises another question. If I find that some users aren't in LDAP, are they deleted right away, or do I have a few hours or days to "fix" LDAP and rescyn in CallManager?
Thanks for the reply.
07-25-2011 02:13 PM
Yes, you get some time to fix the issue. When you list your End Users, there will be an extra column called LDAP Sync Status. Matching accounts will be listed as 'Active', whilst non-matching accounts will be marked as 'Inactive'.
They won't actually be removed until the second night, I'm not sure of the exact timing, but basically I've always found that on the day it goes inactive, I then have the rest of that day, and the following day to resolve the problem.
07-26-2011 03:43 AM
Awesome. Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide