[cisco-voip] LDAP & CUCM Integration

svr.file at gmail.com svr.file at gmail.com
Thu May 14 13:55:46 EDT 2009


This is the output of the CUCM capture:

*admin:utils network capture port 389
Executing command with options:
 size=128                count=1000              interface=eth0
 src=                    dest=                   port=389
 ip=
19:50:33.251722 IP cucm7pub.52678 > 10.101.1.9.ldap: S
332011513:332011513(0) win 5840 <mss 1460,sackOK,timestamp 53692015
0,nop,wscale 2>
19:50:33.258213 IP 10.101.1.9.ldap > cucm7pub.52678: S
3972356909:3972356909(0) ack 332011514 win 64240 <mss 1460,nop,wscale
0,nop,nop,timestamp 0 0,nop,nop,sackOK>
19:50:33.258299 IP cucm7pub.52678 > 10.101.1.9.ldap: . ack 1 win 1460
<nop,nop,timestamp 53692018 0>
19:50:33.266567 IP cucm7pub.52678 > 10.101.1.9.ldap: P 1:15(14) ack 1 win
1460 <nop,nop,timestamp 53692033 0>
19:50:33.267490 IP 10.101.1.9.ldap > cucm7pub.52678: P 1:23(22) ack 15 win
64226 <nop,nop,timestamp 254075 53692033>
19:50:33.267613 IP cucm7pub.52678 > 10.101.1.9.ldap: . ack 23 win 1460
<nop,nop,timestamp 53692035 254075>
19:50:33.269813 IP cucm7pub.52678 > 10.101.1.9.ldap: P 15:60(45) ack 23 win
1460 <nop,nop,timestamp 53692036 254075>
19:50:33.291480 IP 10.101.1.9.ldap > cucm7pub.52678: P 23:45(22) ack 60 win
64181 <nop,nop,timestamp 254076 53692036>
19:50:33.307339 IP cucm7pub.52678 > 10.101.1.9.ldap: P 60:183(123) ack 45
win 1460 <nop,nop,timestamp 53692074 254076>
19:50:33.310497 IP 10.101.1.9.ldap > cucm7pub.52678: P 45:819(774) ack 183
win 64058 <nop,nop,timestamp 254076 53692074>
19:50:33.329261 IP cucm7pub.52678 > 10.101.1.9.ldap: P 183:220(37) ack 819
win 1847 <nop,nop,timestamp 53692096 254076>
19:50:33.329805 IP cucm7pub.52678 > 10.101.1.9.ldap: FP 220:256(36) ack 819
win 1847 <nop,nop,timestamp 53692097 254076>
19:50:33.331074 IP 10.101.1.9.ldap > cucm7pub.52678: . ack 257 win 63985
<nop,nop,timestamp 254076 53692096>
19:50:33.331084 IP 10.101.1.9.ldap > cucm7pub.52678: F 819:819(0) ack 257
win 63985 <nop,nop,timestamp 254076 53692096>
19:50:33.331290 IP cucm7pub.52678 > 10.101.1.9.ldap: . ack 820 win 1847
<nop,nop,timestamp 53692098 254076>*

I have a done a trace on the DirSync and sounds the follow but not sure what
it means: *Missing LDAP attribute: Attribute Count=3* ?

As far as I can see all the User Fields To Be Synchronized are correct, does
this refer to something else?

Thanks.


2009/5/15 Wes Sisk <wsisk at cisco.com>

>  2 options:
> 1. Take a packet capture of traffic between CM and your domain controller.
> Review the ldap traffic to see what is happening.  'utils network capture'
> from CLI of CM.
> 2. use RTMT to collect Dirsync logs from CM.  The checkbox in RTMT Trace
> and Log Central is called "Cisco DirSync".
>
> /Wes
>
>
> On Thursday, May 14, 2009 12:51:02 PM, svr.file at gmail.com
> <svr.file at gmail.com> <svr.file at gmail.com> wrote:
>
> I have just tested it with the domain administrator,
> administrator at domain.com as the username but still didn't import the user
> accounts.
>
>
>
> 2009/5/15 Keith Klevenski <KKlevenski at cstcorp.net>
>
>>  Make sure the AD account you created has the appropriate rights to the
>> directory.  I would test with an admin account first that way you know it
>> isn’t a rights problem.
>>
>>
>>
>>
>>
>> Keith Klevenski
>>
>> Senior Network Architect
>>
>> CST CORP
>>
>> 12210 Bedford St.
>>
>> Houston, TX 77031
>>
>> 832-613-0660 (Office - Direct)
>>
>> 713-263-1333 (Office - Fax)
>>
>> 713-677-3925 (Cell)
>>
>> http://www.cstcorp.net/
>>
>>
>>
>> *From:* cisco-voip-bounces at puck.nether.net [mailto:
>> cisco-voip-bounces at puck.nether.net] *On Behalf Of *svr.file at gmail.com
>> *Sent:* Thursday, May 14, 2009 10:39 AM
>> *To:* cisco-voip at puck.nether.net
>> *Subject:* [cisco-voip] LDAP & CUCM Integration
>>
>>
>>
>> I'm having some issues getting a Windows 2000 Server, SP4, LDAP server to
>> integrate with CUCM7.
>>
>> I have created a dedicated user account in AD for the integration, enabled
>> LDAP System server type MS AD with the User ID sAMAccountName. I have
>> configure LDAP Directory with the user account that I created in AD and the
>> LDAP User Search Base with the following format: OU=<the OU that the end
>> user accounts are in>,DC=testlab,DC=local.
>>
>> The problem is that no users are imported when I run the perform the full
>> sycn?
>>
>> Can anyone help with this problem.
>>
>> Thanks.
>>
>
> ------------------------------
>
> _______________________________________________
> cisco-voip mailing listcisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090515/e8b6e395/attachment.html>


More information about the cisco-voip mailing list