[cisco-voip] AD Sync

Kevin Przybylowski kevinp at advancedtsg.com
Wed Nov 26 09:56:29 EST 2014 

Is your new 2012 AD server virtualized?  How is the time synchronization between CUCM and AD?

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of shabbar babrawala
Sent: Wednesday, November 26, 2014 9:43 AM
To: Ryan Huff; Sreekanth Narayanan
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] AD Sync

Hi

Cucm 9.1 win 2012

It was working before on win 2003 broken after upgrade to 2012

Regards

Shabbar
________________________________
From: ryanhuff at outlook.com<mailto:ryanhuff at outlook.com>
To: sknth.n at gmail.com<mailto:sknth.n at gmail.com>; shabbar_babrawala at hotmail.com<mailto:shabbar_babrawala at hotmail.com>
CC: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: RE: [cisco-voip] AD Sync
Date: Wed, 26 Nov 2014 09:38:59 -0500
What version of CUCM and What version of AD?

Has the AD sync ever worked correctly?

  *   Is this a break/fix?

     *   What changed from when it was working?
     *   Is the distinguished user the same, did that user's AD permissions change
     *   Does the distinguished user have the delegate control privilege on the domain?

  *   Is this a new install?

     *   Were any changes made to AD after the original full sync the first time?
     *   Has either the domain name of the CUCM cluster or the AD server changed since the first time the LDAP full sync was ran?
     *   Does the BIND authentication work correctly?
     *   Have you completely removed an existing user account and then re-synced from AD to see if that account re-appears?


________________________________
Date: Wed, 26 Nov 2014 16:09:51 +0530
From: sknth.n at gmail.com<mailto:sknth.n at gmail.com>
To: shabbar_babrawala at hotmail.com<mailto:shabbar_babrawala at hotmail.com>
CC: cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
Subject: Re: [cisco-voip] AD Sync
Hi Shabbar,

What is the CUCM version?
So the users go into Inactive mode every 6 hours? Or once everyday? If once, what time does that happen and is that during a sync?
Have you taken a look at the DirSync logs during the period of failure?
What about a packet capture to see if this could be an issue due to the network?

Thanks
Sreekanth

On 26 November 2014 at 11:37, shabbar babrawala <shabbar_babrawala at hotmail.com<mailto:shabbar_babrawala at hotmail.com>> wrote:
Hi

Have a strange problem where the sync with AD has broken , everyday morning we have to keep performing a full sync as the users show inactive even though the setting is to sync every 6 hours. Have even deleted the LDAP configuration and redone but no luck.
any help is appreciated.

Shabbar

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip


_______________________________________________ cisco-voip mailing list cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net> https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20141126/ea8d4cc9/attachment.html>

More information about the cisco-voip mailing list