CCIE Collaboration Written – Question on LDAP
There is a question which you may get when you write CCIE Collaboration Written. The question is on LDAP.
Question: A User is an active user on Cisco Unified CM Deployment with fully functional LDAP synchronization and authentication to an Active Directory. Daily resync is set at 11:00 PM. At 10 PM, the user was deleted from AD. What would the user experience when he attempts to login to Extension Mobility at an IP Phone and then access his Unified CM User Options Page at 11:30 PM.
Answer: The user will not be allowed to Login to Extension Mobility as well as Unified CM User Options Page. The reason being the user will become Inactive in Cisco Unified Communications Manager as the user was deleted from LDAP at 10:00 PM, LDAP sync happened at 11:00 PM and the user tried to login at 11:30 PM.
Question: What would have been the behavior if the user would have tried to login at 10:30 PM?
Answer: The user should have allowed to login to Extension Mobility but he will be declined to login to Unified CM User Options Page stating that “An LDAP error has occurred. Contact your system administrator”. The reason is Cisco Unified Communications Manager End User will still show it as “Active LDAP Synchronized User” because the sync is yet to happen which is scheduled for 11:00 PM.
I am working in an IT company and having 10+ years of experience into Cisco IP Telephony and Contact Center. I have worked on products like CUCM, CUC, UCCX, CME/CUE, IM&P, Voice Gateways, VG224, Gatekeepers, Attendant Console, Expressway, Mediasense, Asterisk, Microsoft Teams, Zoom etc. I am not an expert but i keep exploring whenever and wherever i can and share whatever i know. You can visit my LinkedIn profile by clicking on the icon below.
“Everyone you will ever meet knows something you don’t.” ― Bill Nye