[cisco-voip] CUCM 8.5 AD integration question or two

Roger Wiklund roger.wiklund at gmail.com
Thu Feb 23 10:28:08 EST 2012


On Thu, Feb 23, 2012 at 4:19 PM, Beck, Christopher <CBeck at usg.com> wrote:

> Having researched this, the root of that question comes down to the tree
> structure.    While CUCM can have multiple sources for user synchronization
> (whether it is one LDAP source or multiple LDAP sources), it can currently
> authenticate against only one.  Thus, you need a single source for
> authentication that will handle all users.****
>
> ** **
>
> Also, to Lelio’s second point, whatever you choose to replicate as the
> user id (samUsername, UPN, etc.) has to be unique among all directories.**
> **
>
> ** **
>
> If you don’t have a single namespace in the AD environment (and at least
> have everyone in a single forest), you should probably look at some sort of
> virtual ldap directory that can consolidate everything.****
>
> ** **
>
> ** **
>
> ** **
>
> -Chris****
>
>
>
> That's my understanding also. This is currently a problem for us as a
customer is splitting the company in two with totally separated ADs, but
they still want LDAP sync/auth in the common UCM.

Apparently this can be solved, but as you said, UCM still has a single
source for auth, and the connection between the two separate forrests must
be done by the customers ADs configuring AD LDS/ADAM and what not.

https://supportforums.cisco.com/docs/DOC-16356#Active_Directory_Multiple_Forest_Support_Scenario_in_Unified_CM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120223/d98ac6f8/attachment.html>


More information about the cisco-voip mailing list