Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2180
Views
10
Helpful
10
Replies

Cisco Directory Connector Integration with Active Directory

Go to solution
stevenle
Spotlight
Spotlight

‎09-06-2022 03:35 PM

We are looking to sync user accounts and user attributes between Active Directory and Control Hub. We've read through the deploy guide and installed / configured Cisco Directory connector. We have the proper permissions set up both in house and in Control hub. Within one of our OU's we created a security group that has all of our Webex users. But for some reason no matter what LDAP filter we put in we can't get it to recognize the users within the security group to sync. We have a TAC case open and they are having a tough time as well. Not sure why this is so difficult and frustrating. 

In the object selection section of the Cisco Directory connector i have this filter applied. All this does during a dry run is add the group but not the users within the group. I want all the users in that example group to be synced. Any suggestions?   

stevenle_0-1662503438752.png

 

0 Helpful
1 Accepted Solution

Go to solution
stevenle
Spotlight
Spotlight

‎09-06-2022 03:52 PM

Got this working. Posting on the forums always seem to help, so thanks! 

Put this filter in the Users section within Object Selection and now all users in the exampleusers group show up to sync (&(sAMAccountName=*)(memberOf=cn=exampleusers,ou=golf,ou=teetime,ou=tomorrow,dc=some,dc=com))  

In case anyone else runs into this issue.

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Roger Kallberg
VIP
VIP

‎09-07-2022 12:11 AM - edited ‎09-09-2022 02:44 AM

The use of the filter object in the Groups part of your screenshot is not intended to be used as you understand it. It's use is for filtering what group(s) to bring into Control Hub, not the actual member(s) of the group(s). The use of these group(s) are then to use them for controlling license assignment in Control Hub.

Here is an example of how we use this in our Control Hub.
image.png



Response Signature


Go to solution
joachim.koester
Level 4
Level 4
In response to Roger Kallberg

‎03-21-2023 12:38 AM

Hello Roger,

can you send a screenshot of the Filter settings?

 

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to joachim.koester

‎03-21-2023 03:24 AM

Hi @joachim.koester 
Here you go.

image.png

However as this is very specific to each system it's of not much value. This is an examples of how to form the LDAP filter, (name=<name of the group>). If you have multiple groups that you need wrap the whole thing in parentheses and add a | to make it an or statement as per the LDAP filter "language", (|(name=<name of the group 1>)(name=<name of the group 2>)). Adapt it to fit your specific needs.



Response Signature


0 Helpful

Go to solution
joachim.koester
Level 4
Level 4
In response to Roger Kallberg

‎03-22-2023 03:22 AM

Hello, thaks for the infomations.

But every entrys i tried have no responce on Groups.

Is there a Minimum Version of the Connector required? We have installed the 3.7.3000.64632 and the auto Upgrade to a newer Versin is not working. I tried different Security Groups that are defined in the AD, but there are no Groups Syncronised to Webex.

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to joachim.koester

‎03-22-2023 03:37 AM

Sorry but I don't know if there is any dependency on specific version. The auto update never works for us either, so we just download the latest available anytime we'd want to update the DC. Try that and see if there is any difference.



Response Signature


0 Helpful

Go to solution
DerekD
Level 1
Level 1
In response to Roger Kallberg

‎03-22-2023 08:05 AM

Us as well and the work around for us is easy enough that we haven't raised a TAC on the issue.  Here is the notes we have on the upgrade process.....

If automatic upgrade fails, manually stop the "Cisco DirSync Service" Windows Service. Then re-run the upgrade
check which should start the upgrade process again. When the upgrade is done, the Cisco DirSync Service should be restarted (running) automatically.

0 Helpful

Go to solution
stevenle
Spotlight
Spotlight
In response to DerekD

‎03-22-2023 10:48 AM

This. I just stop the service manually and run the upgrade. Once it completes, a reboot is required. The Cisco DirSync Service starts up automatically after the boot. Worked like a charm for us.

0 Helpful

Go to solution
stevenle
Spotlight
Spotlight
In response to Roger Kallberg

‎09-07-2022 12:10 PM

Thanks for taking the time to explain. Really appreciate it.

0 Helpful

Go to solution
Vaijanath Sonvane
VIP Alumni
VIP Alumni

‎09-06-2022 03:53 PM - edited ‎09-06-2022 03:56 PM

Hi,

Recently I was in the same boat as you but I was able to resolve this issue. Instead of Groups, select Object Type as Users and try below filter:

(memberOf=CN=Webex,DC=example,DC=com)

The RED portion you can get is by OU >> Right Click >> Properties. In my case I created OU as Webex. 

LDAP_Filter.png

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

Go to solution
stevenle
Spotlight
Spotlight

‎09-06-2022 03:52 PM

Got this working. Posting on the forums always seem to help, so thanks! 

Put this filter in the Users section within Object Selection and now all users in the exampleusers group show up to sync (&(sAMAccountName=*)(memberOf=cn=exampleusers,ou=golf,ou=teetime,ou=tomorrow,dc=some,dc=com))  

In case anyone else runs into this issue.

0 Helpful
Customers Also Viewed These Support Documents