Scope of Document : If Customer wanted to migrate from AD to LDS/ADAM without hampering any configurations related to end user which had also dependency on following components.
Difference between AD LDAP & LDS ADAM?
Now, Difference between AD LDAP & LDS/ADAM in CUCM perspective.
Below Example Acitve Directory has LDAP Attribute for User ID as-
In this sceanrio, All users syncs between CUCM & LDAP using sAMAccountName
These are options available under ADAM/LDS :-
For AD deployments, the ObjectGUID is used internally in Unified CM as the key attribute of a user. The attribute in AD that corresponds to the Unified CM User ID may be changed in AD.
For example, if sAMAccountname is being used, a user may change their sAMAccountname in AD, and the corresponding user record in Unified CM would be updated.
With all other LDAP platforms, the attribute that is mapped to User ID is the key for that account in Unified CM. Changing that attribute in LDAP will result in a new user being created in Unified CM,
and the original user will be marked inactive.
With this being said when you’re transitioning from LDAP to LDS the ObjectGUID will change unless there is a way to import the existing LDAP users into LDS while keeping the ObjectGUID attribute.
Important : LDAP Sync will match userid once we integrate CUCM with LDS & existing user will result in as Inactive & new user being created in Unified CM as AD LDS doesn't have any option of sAMAccountname & it won't match existing user.
For Example you are integrating new user's with mail for AD LDS, You will see all users with Mail address as userid coming from LDS to CUCM
First make all ldap users as local user with SQL Queries and then we can use BAT tool to pull all end user's and then change the userid on excel and user id as mail address & delete existing users from CUCM then upload these end user's via BAT & you will see those user's with there existing dependencies with set of roles, device association everything and then hit sync via LDS on CUCM and you will see existing local user as LDAP active user with email and with minimum down impact.
Please rate helpful!
... View more