[cisco-voip] CUCM 8.6 LDAP Synch Issue

Clifford McGlamry cmcglamry at forsythe.com
Thu Jul 19 09:30:53 EDT 2012 

When you create the LDAP integration, you have the opportunity to define whether you are going to use the ipPhone or Telephone field.

Since this is two different LDAP connections, I'm pretty sure you should be able to define one using one method, and one the other.  This should be relatively easy to set up.  You would have to delete A's existing setup to read B's LDAP and rebuild it, but since it's not working, that shouldn't matter. When you rebuild the integration so A can see B, set the PhoneNumber field to synchronize against the telephone number field.  When B rebuilds A, set it to sync against the ipPhone number field.

If that doesn't work, I'd open a TAC case.

And if Cisco can't fix it, there is a product from Fidelus that can consolidate multiple LDAP directories to provide a single LDAP source for CUCM



Cliff

From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Boon
Sent: Thursday, July 19, 2012 4:37 AM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] CUCM 8.6 LDAP Synch Issue

Hi,
We are currently experiencing a headache with LDAP synchronisation for two of our customers with an inter-cluster link.

Here is the scenario:

 *   Customer A has an LDAP synch with Customer A Active Directory. They use 'sAMAccountName' as the UserID attribute and have populated the 'ipPhone' attribute for the CUCM telephone number.
 *   Customer B has an LDAP synch with Customer B Active Directory. They use 'telephoneNumber' as the UserID attribute and have populated the 'telephoneNumber' attribute for the CUCM telephone number.
Here is the issue:

 *   Customer A also has an LDAP synch with Customer B Active Directory and see all customer B users by using the sAMAccountName.
 *   Customer B also has an LDAP synch with Customer A Active Directory but cannot see any of customer A users by using the telephoneNumber.
This is obviously not going to be possible using the default CUCM LDAP integration configuration as Customer A does not have any data in their 'telephoneNumber' attribute in AD.

My question is whether it's possible to apply some kind of workaround to use the 'ipPhone' attribute in Customer B's CUCM LDAP integration by applying a filter somewhere?

Unfortunately neither customer wants to make any changes to either their AD or CUCM integration! :)

Any assistance or confirmation that it's a dead end would be appreciated.
Thanks.
NOTICE OF CONFIDENTIALITY:  
The information contained in this email transmission is confidential information which may contain information that is legally privileged and prohibited from disclosure under applicable law or by contractual agreement.  The information is intended solely for the use of the individual or entity named above.  
If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or taking of any action in reliance on the contents of this email transmission is strictly prohibited.  
If you have received this email transmission in error, please notify us immediately by telephone to arrange for the return of the original transmission to us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120719/99645755/attachment.html>

More information about the cisco-voip mailing list