cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
815
Views
0
Helpful
2
Replies

How to find Unity Connection 8.6 users whose AD account is disabled

Brian Ambrose
Level 1
Level 1

I have a Unity Connection 8.6 server that is integrated with AD. My main issue going forward is the user maintenance. If a user is disabled in AD, the user's LDAP integration status changes from "Do Not Integrate with LDAP Directory". I understand this is default behavior when the server syncs with AD just as it does on CUCM. When administering thousands of accounts, there are going to be times that I'm not notified of someone leaving the company (more often than not). I need a way to search for these users in the server as most, if not all users are LDAP synced with mailbox. I have tried exporting the users with mailbox and I can't find any difference between an active and inactive AD user.

Any suggestions?

Brian

2 Replies 2

clileikis
Level 7
Level 7

Hi Brian,

If you use BAT in Unity Connection and export users with mailboxes, when Connection is integrated directly with AD, the LdapCcmUserId field will be present with their AD username, when it's disabled, the field will be blank.

HTH,

Chris

That's what I assumed too. I had already exported the users and found that is not the case. I just checked Active Directory on some users that are disabled and they are now set to "Do not sync" in Unity Connection administration but the LdapCcmUserId is still populated.

-Brian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: