- What is LDAP?
- LDAP synchronisation
- LDAP authentication
Replaces the CUCM local user database with the LDAP database. You get several warnings when enabling this, and a 24-hour buffer is offered to roll back.
CUCM has no write access back to LDAP. This is a one-way import from LDAP to CUCM.
Passwords do not come over in the import.
LDAP Authentication gives CUCM the ability to check the password in AD.
LDAP Server Type – Microsoft Active Directory
Enable Sync from LDAP Server
LDAP Attribute for User ID: sAMAccountName from AD
*Serviceability -> Tools -> Service Activation -> Cisco DirSync must be enabled!
LDAP -> LDAP Directory
Add new LDAP directory
Existing End Users will be deleted! (After 24 hours)
Configure LDAP! Requires LDAP knowledge
‘Sync Agreement’ has to be set up
LDAP Manager Distinguished Name: Powerful user from AD:
CN=Dean Babbage,CN=SD Admin Accounts,DC=centra,DC=local
*Talk to the Microsoft guy!
LDAP User Search Base: Where to pull accounts from?
LDAP Schedule to be defined
User Fields to match AD attributes
LDAP Server: Domain Controller in AD
Perform Full Sync now for manual sync
Inactive status means the user is in the 24-hour window for deletion
LDAP Authentication Enable
LDAP Distinguished Name as above
Easy to enable
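
A pre-sync check for the sync steps above, added here as an example and not part of the original notes: it lists which directory entries sit under the LDAP User Search Base and which existing CUCM user IDs have no counterpart there, so they can be reviewed before the 24-hour deletion window starts. The search base, the account names and the rule that a local user is matched by sAMAccountName (case-insensitive) are assumptions; all sample data is constructed.

```python
# Added example, not from the original notes. Sample data is constructed.

def parse_dn(dn):
    """Split a DN into (attribute, value) pairs, honouring backslash escapes."""
    rdns, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # keep an escaped pair such as "\," intact
            i += 2
            continue
        if dn[i] == ",":                 # unescaped comma ends the current RDN
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    rdns.append("".join(cur))
    pairs = []
    for rdn in rdns:
        attr, _, value = rdn.partition("=")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs

def under_base(dn, base):
    """True if dn is the search base itself or sits anywhere below it."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def preview_sync(search_base, entries, local_user_ids):
    """Return (user IDs the sync would pull, local user IDs with no match)."""
    pulled = {e["sAMAccountName"].lower() for e in entries
              if under_base(e["dn"], search_base)}
    unmatched = sorted(u for u in local_user_ids if u.lower() not in pulled)
    return sorted(pulled), unmatched

SEARCH_BASE = "OU=Phone Users,DC=centra,DC=local"   # assumed search base
ENTRIES = [  # constructed directory export
    {"dn": "CN=Smith\\, Jane,OU=Phone Users,DC=centra,DC=local", "sAMAccountName": "jsmith"},
    {"dn": "cn=Raj Patel,ou=phone users, dc=centra, dc=local", "sAMAccountName": "rpatel"},
    {"dn": "CN=Dean Babbage,CN=SD Admin Accounts,DC=centra,DC=local", "sAMAccountName": "dbabbage"},
    {"dn": "CN=Lab Phone,OU=Phone Users,DC=lab,DC=centra,DC=local", "sAMAccountName": "labphone"},
]
LOCAL_USERS = ["jsmith", "RPatel", "dbabbage", "lobbyphone"]  # constructed CUCM end users

if __name__ == "__main__":
    pulled, unmatched = preview_sync(SEARCH_BASE, ENTRIES, LOCAL_USERS)
    print("Would be imported:", pulled)
    print("Local users with no match under the search base:", unmatched)
```

The comparison works on parsed RDNs rather than raw strings, so differences in case, spacing after commas and escaped commas inside a CN do not change the result, and an OU of the same name in another domain component is not mistaken for the search base.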