<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #000000'>Anything that prevents authentication would affect services. So, the few that I can think of:<br><ul><li>passwords set to expire (change on next login)</li><li>accounts set to expire (calendar entry)</li><li>accounts with no last name (before/after first import)</li></ul><p>The third really affects the ability of the LDAP sync to import the account. <br></p><span><br><span name="x"></span>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>Cooking with unix is easy. You just sed it and forget it. <br> - LFJ (with apologies to Mr. Popeil)<br><span name="x"></span><br></span><br><hr id="zwchr"><b>From: </b>"Scott Voll" <svoll.voip@gmail.com><br><b>To: </b>"Patrick Mowry" <pmowry@getgds.com><br><b>Cc: </b>cisco-voip@puck.nether.net<br><b>Sent: </b>Tuesday, January 31, 2012 9:33:42 AM<br><b>Subject: </b>Re: [cisco-voip] CUCM 8.6 with AD: User appears in End users, but cannot login<br><br>I don't believe AD has anything to do with it..... all the permissions are added in the end user settings in CM.<div><br></div><div>Scott<br><br><div class="gmail_quote">On Mon, Jan 30, 2012 at 12:43 PM, Patrick Mowry <span dir="ltr"><<a href="mailto:pmowry@getgds.com" target="_blank">pmowry@getgds.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Issue resolved. Accounts were flagged as must change password @ next login and we do not have rights to log in to their machines. Clearing the flag cleared the problem.<br>
<br>
But if there is a list of minimum rights/attributes in AD for UC applications to log in I would still like to know.<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
<br>
<br>
On Jan 30, 2012, at 1:34 PM, "Patrick Mowry" <<a href="mailto:pmowry@getgds.com" target="_blank">pmowry@getgds.com</a>> wrote:<br>
<br>
> Hello,<br>
><br>
> I have a CUCM 8.6 system using Active Directory for LDAP. The customer<br>
> has created AD accounts for us to use for testing Ccx and CUPs. They are<br>
> able to log in to UC applications with their AD credentials just fine, but<br>
> not with the accounts created for us. Our accounts have very limited<br>
> rights. I'm unable to find the minimum settings in AD to allow logins to<br>
> work. Can you point me in the right direction?<br>
><br>
> Once again, AD integration works for most users, but contractor accounts<br>
> appear in End Users, but cannot log in.<br>
><br>
> Thanks,<br>
><br>
> -Patrick<br>
><br>
<br>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
</div></div></blockquote></div><br></div>
<br>_______________________________________________<br>cisco-voip mailing list<br>cisco-voip@puck.nether.net<br>https://puck.nether.net/mailman/listinfo/cisco-voip<br></div></body></html>