CUCM LDAP Sync Based on User Group

If you don’t want CUCM to sync your entire LDAP directory, you will need to use a LDAP Custom Filter.  This filter can be used to sync based on AD Security Group.  The filter is:

(&(objectclass=user)(!(objectclass=Computer))(!(UserAccountControl:1.2.840.113556.1.4.803:=2)) (memberOf=CN=Demo Security Group,OU=SecondOU,OU=FirstOU,DC=DomainName,DC=com))

With this example, the name of my AD Security Group is: Demo Security Group.  Then, you must specify the entire LDAP location string of that security group.  My example would be:

-DomainName.com
–FirstOU
—SecondOU
—-Demo Security Group

Advertisements

One comment


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s