Hi
I'd like to propose that Unity Connection get feature parity in terms of programmatic AD Integration with CUCM.
On CUCM, you can do the following:
1) Create a user that is linked with a an ldap directory (using ldapProfileName and userIdentity) - so that the next ldap sync picks up on that link and updates the user as usual.
2) Detach a user from the ldap sync (using convertUserAccount or sending empty ldapProfileName and userIdentity) - or in other word, convert ldap user to local user
3) Re-attach user to ldap by once again filling out ldapProfileName and useridentity
On CUC, you can't do any of that. Given that the dirsync code is shared, the same should be possible in CUC. In fact, there's a flag to disable AD Integration (LdapType) but even though you can set it, it does not disable AD Integration.
There are multiple ways this could be achieved:
1) There's a way to trigger the ldap sync, with a filter that allows to sync just one user. The command runs until the operation is complete. At that point, you can do an import as usual. Updating users will be changed so that you can detach and re-attach a user from ldap (changing LdapType should really detach the user.. or there's a separate convertUserToLocal command.. either would work)
2) An approach more similar to cucm.. there should be a way to list ldap directories, then upon creating a user, you'd specify the samaccountname/upn and ldap directory pkid to allow the dirsync process to pick it up. And then the same means to convert to local/back to ldap as in 1).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I will but it a feature enhancement for that, I will probably not get to it until early next week, but I will let you know when I do it.
Thank You,
Jock
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Comments
0 comments
Please sign in to leave a comment.