cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
428
Views
0
Helpful
2
Replies
Brian Ambrose
Beginner

How to find Unity Connection 8.6 users whose AD account is disabled

I have a Unity Connection 8.6 server that is integrated with AD. My main issue going forward is the user maintenance. If a user is disabled in AD, the user's LDAP integration status changes from "Do Not Integrate with LDAP Directory". I understand this is default behavior when the server syncs with AD just as it does on CUCM. When administering thousands of accounts, there are going to be times that I'm not notified of someone leaving the company (more often than not). I need a way to search for these users in the server as most, if not all users are LDAP synced with mailbox. I have tried exporting the users with mailbox and I can't find any difference between an active and inactive AD user.

Any suggestions?

Brian

2 REPLIES 2
clileikis
Rising star

Hi Brian,

If you use BAT in Unity Connection and export users with mailboxes, when Connection is integrated directly with AD, the LdapCcmUserId field will be present with their AD username, when it's disabled, the field will be blank.

HTH,

Chris

That's what I assumed too. I had already exported the users and found that is not the case. I just checked Active Directory on some users that are disabled and they are now set to "Do not sync" in Unity Connection administration but the LdapCcmUserId is still populated.

-Brian

Content for Community-Ad

Spotlight Awards 2021