11-21-2012 12:51 PM - edited 03-19-2019 05:54 AM
I have a Unity Connection 8.6 server that is integrated with AD. My main issue going forward is the user maintenance. If a user is disabled in AD, the user's LDAP integration status changes from "Do Not Integrate with LDAP Directory". I understand this is default behavior when the server syncs with AD just as it does on CUCM. When administering thousands of accounts, there are going to be times that I'm not notified of someone leaving the company (more often than not). I need a way to search for these users in the server as most, if not all users are LDAP synced with mailbox. I have tried exporting the users with mailbox and I can't find any difference between an active and inactive AD user.
Any suggestions?
Brian
11-23-2012 12:25 PM
Hi Brian,
If you use BAT in Unity Connection and export users with mailboxes, when Connection is integrated directly with AD, the LdapCcmUserId field will be present with their AD username, when it's disabled, the field will be blank.
HTH,
Chris
11-23-2012 07:15 PM
That's what I assumed too. I had already exported the users and found that is not the case. I just checked Active Directory on some users that are disabled and they are now set to "Do not sync" in Unity Connection administration but the LdapCcmUserId is still populated.
-Brian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide