[Index]

Model: relation/HcsLdapUserSyncREL

LDAP User Sync

For LDAP server setup and authentication settings, see: Set up an LDAP Server.

Follow these steps to set up an LDAP for user synchronization. This process synchronizes users from the configured LDAP directory into VOSS-4-UC. The users then appear at the hierarchy node at which the LDAP User Sync object exists. You can manage the users through User Management menu options (for example, move users to other hierarchies, or push to Cisco Unified Communications Manager).

Note

The LDAP Authentication Only check box is available only in VOSS-4-UC.

Procedure

  1. Log in as provider, reseller, or customer administrator.
  2. Set the hierarchy path to the node of the LDAP server you want to synchronize users from.
  3. Choose LDAP Management > LDAP User Sync.
  4. Click Add and provide the following information:
Field Description
LDAP Server* This read-only field displays the LDAP Server you are synchronizing users from.
LDAP Authentication Only

Important:

Leave the check box clear to synchronize users from LDAP.

Default is Clear. When cleared, users are synchronized from the configured LDAP directory and their passwords are authenticated against the configured LDAP directory. When selected, users are not synchronized from the configured LDAP directory, but their passwords are authenticated against the LDAP directory. When selected, you can manually add users from the GUI or API, bulk load them, or synchronize them from Cisco Unified CM.
User Model Type

The User Model Type identifies which LDAP object, defined in the configured LDAP server, is used to import and authenticate users.

If the LDAP server is Microsoft Active Directory, the default is device/ldap/user.

If the LDAP server is AD LDS (ADAM), this should be set to device/ldap/userProxy.

If the LDAP server is OpenLDAP, the default is device/ldap/inetOrgPerson.

To identify a non-default User Model Type to use, contact the LDAP server administrator.
LDAP Authentication Attribute The attribute used for creating an LDAP user. This value will be used for LDAP authentication against LDAP when the LDAP Authentication Only check box is selected (see above field).
User Entitlement Profile

Choose the User Entitlement Profile that specifies the devices and services to which users synchronied users synchronized from the LDAP server are entitled.

The chosen entitlement profile is assigned to each synchronized user. It is checked during user provisioning to ensure the user's configuration does not exceed the allowed services and devices specified in the entitlement profile.
User Role (default)* The default role to assign to the synced user (if no other LDAP Custom Role Mappings are applicable for the synced user, then this fallback/default role will be applied). This field is mandatory.
User Move Mode Indicates whether users are automatically moved to sites based on the filters and filter order defined in User Management > Manage Filters.
User Delete Mode Indicates whether users are automatically deleted from VOSS-4-UC if they are deleted from the LDAP directory. If set to automatic, all subscriber resources associated with the user, such as a phone, are also deleted.
User Purge Mode Indicates whether users are automatically deleted from VOSS-4-UC if they are purged from the LDAP device model. An administrator can remove the LDAP user from the device layer even if the user has not been removed from the LDAP directory.
  1. Inspect the default mappings and modify if required, see User Field Mapping.
  2. Click Save.

An LDAP synchronization is scheduled, but is not activated by default. See Synchronize Users from LDAP.

Note

A number of fields are also always and not imported by VOSS-4-UC during LDAP synchronization - see: LDAP Integration

Model Details: relation/HcsLdapUserSyncREL

Title Description Details
LDAP Server The assoicated LDAP server host.
  • Field Name: ldapServer
  • Type: String
  • Target: data/Ldap
  • MaxLength: 1024
  • Format: uri
LDAP Authentication Only This LDAP Server is only used fo Authentication purpose. Default: false
  • Field Name: ldapAuthOnly
  • Type: Boolean
  • Default: false
User Model Type The LDAP model type for users. Default: device/ldap/user
  • Field Name: userModelType
  • Type: String
  • Default: device/ldap/user
  • MaxLength: 1024
LDAP Authentication Attribute This field is the attribute from NormalizedUser, which will be used for creating LdapUser. And this value will be used for LDAP Authentication against LDAP when LDAP Authentication Only is checked.
  • Field Name: userMappingAttr
  • Type: String
  • MaxLength: 1024
  • Choices: [" "]
User Entitlement Profile The default user server profile for users added via sync.
  • Field Name: userEntitlementProfile
  • Type: String
  • Target: data/HcsEntitlementProfileDAT
  • MaxLength: 1024
  • Format: uri
User Role (default) The default role to assign to the synced user (if no other LDAP Custom Role Mappings are applicable for the synced user, then this fallback/default role will be applied).
  • Field Name: userRole
  • Type: String
  • Target: data/Role
  • Target attr: name
  • MaxLength: 1024
  • Format: uri
User Language The default user language for users added via sync.
  • Field Name: userLanguage
  • Type: String
  • Target: data/Language
  • Target attr: name
  • MaxLength: 1024
  • Format: uri
User Move Mode The behavior for moving users to site. Setting this value to Automatic will trigger the system to apply the move filters (refer to User Management) automatically when users are sync'd into the system. Automatic is only applicable to creating new users. Setting this value to Manual means that users must be moved to site by an Adminstrator (refer to User Management). Default: Automatic
  • Field Name: userMoveMode
  • Type: String
  • Default: Automatic
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
User Delete Mode The behavior for handling users who are deleted from the LDAP directory. Setting this value to Automatic will trigger the system to automatically delete system settings associated with the user. Setting this value to Manual means that users deleted from the LDAP directory are no longer LDAP Integrated. Manual action by an Administrator is required to remove user settings. Default: Manual
  • Field Name: userDeleteMode
  • Type: String
  • Default: Manual
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
User Purge Mode Default: Automatic
  • Field Name: userPurgeMode
  • Type: String
  • Default: Automatic
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
Information Information regarding the specified action.
  • Field Name: info
  • Type: String
  • MaxLength: 1024
Field Mapping
  • Field Name: FieldMapping
  • Type: Object
LDAP Username * The LDAP field mapped to the user's login attribute.
  • Field Name: FieldMapping.ldap_username
  • Type: String
  • MaxLength: 1024
Data Username The LDAP field mapped to the user's login attribute for local authentication.
  • Field Name: FieldMapping.data_username
  • Type: String
  • MaxLength: 1024
Building Name The LDAP field mapped to the user's building name.
  • Field Name: FieldMapping.buildingName
  • Type: String
  • MaxLength: 1024
C The LDAP field mapped to the user's country.
  • Field Name: FieldMapping.c
  • Type: String
  • MaxLength: 1024
Department Number The LDAP field mapped to the user's department number.
  • Field Name: FieldMapping.departmentNumber
  • Type: String
  • MaxLength: 1024
Directory URI The LDAP field mapped to the user's directory URI.
  • Field Name: FieldMapping.directoryUri
  • Type: String
  • MaxLength: 1024
Display Name The LDAP field mapped to the user's display name.
  • Field Name: FieldMapping.displayName
  • Type: String
  • MaxLength: 1024
Employee Number The LDAP field mapped to the user's employee number.
  • Field Name: FieldMapping.employeeNumber
  • Type: String
  • MaxLength: 1024
Employee Type The LDAP field mapped to the user's employee type.
  • Field Name: FieldMapping.employeeType
  • Type: String
  • MaxLength: 1024
Facsimile Telephone Number The LDAP field mapped to the user's FAX number.
  • Field Name: FieldMapping.facsimileTelephoneNumber
  • Type: String
  • MaxLength: 1024
Given Name The LDAP field mapped to the user's first name.
  • Field Name: FieldMapping.givenName
  • Type: String
  • MaxLength: 1024
Home Phone The LDAP field mapped to the user's home phone number.
  • Field Name: FieldMapping.homePhone
  • Type: String
  • MaxLength: 1024
IP Phone The LDAP field mapped to the user's IP phone number.
  • Field Name: FieldMapping.ipPhone
  • Type: String
  • MaxLength: 1024
Jabber ID The LDAP field mapped to the user's Jabber ID.
  • Field Name: FieldMapping.jabberID
  • Type: String
  • MaxLength: 1024
L The LDAP field mapped to the user's city.
  • Field Name: FieldMapping.l
  • Type: String
  • MaxLength: 1024
Mail The LDAP field mapped to the user's email address.
  • Field Name: FieldMapping.mail
  • Type: String
  • MaxLength: 1024
Manager The LDAP field mapped to the user's manager.
  • Field Name: FieldMapping.manager
  • Type: String
  • MaxLength: 1024
Member Of The LDAP field mapped to the user's groups.
  • Field Name: FieldMapping.memberOf
  • Type: String
  • MaxLength: 1024
Mobile The LDAP field mapped to the user's mobile phone number.
  • Field Name: FieldMapping.mobile
  • Type: String
  • MaxLength: 1024
O The LDAP field mapped to the user's organization name.
  • Field Name: FieldMapping.o
  • Type: String
  • MaxLength: 1024
Object Class
  • Field Name: FieldMapping.objectClass
  • Type: String
  • MaxLength: 1024
Other Mailbox
  • Field Name: FieldMapping.otherMailbox
  • Type: String
  • MaxLength: 1024
Ou The LDAP field mapped to the user's organization unit name.
  • Field Name: FieldMapping.ou
  • Type: String
  • MaxLength: 1024
Photo URL The LDAP field mapped to the user's photo URL.
  • Field Name: FieldMapping.photoURL
  • Type: String
  • MaxLength: 1024
Physical Delivery Office Name The LDAP field mapped to the user's post office.
  • Field Name: FieldMapping.physicalDeliveryOfficeName
  • Type: String
  • MaxLength: 1024
Postal Code The LDAP field mapped to the user's postal code.
  • Field Name: FieldMapping.postalCode
  • Type: String
  • MaxLength: 1024
Preferred Language The LDAP field mapped to the user's preferred language.
  • Field Name: FieldMapping.preferredLanguage
  • Type: String
  • MaxLength: 1024
Sn * The LDAP field mapped to the user's last name.
  • Field Name: FieldMapping.sn
  • Type: String
  • MaxLength: 1024
St The LDAP field mapped to the user's state.
  • Field Name: FieldMapping.st
  • Type: String
  • MaxLength: 1024
Street The LDAP field mapped to the user's street.
  • Field Name: FieldMapping.street
  • Type: String
  • MaxLength: 1024
Telephone Number The LDAP field mapped to the user's telephone number.
  • Field Name: FieldMapping.telephoneNumber
  • Type: String
  • MaxLength: 1024
Timezone The LDAP field mapped to the user's time zone.
  • Field Name: FieldMapping.timezone
  • Type: String
  • MaxLength: 1024
Title The LDAP field mapped to the user's title.
  • Field Name: FieldMapping.title
  • Type: String
  • MaxLength: 1024
Uid The LDAP field mapped to the user's userid.
  • Field Name: FieldMapping.uid
  • Type: String
  • MaxLength: 1024
Unverified Mail Box The LDAP field mapped to the user's unverified mailbox.
  • Field Name: FieldMapping.unverifiedMailBox
  • Type: String
  • MaxLength: 1024
Custom String 1 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString1
  • Type: String
  • MaxLength: 1024
Custom String 2 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString2
  • Type: String
  • MaxLength: 1024
Custom String 3 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString3
  • Type: String
  • MaxLength: 1024
Custom String 4 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString4
  • Type: String
  • MaxLength: 1024
Custom String 5 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString5
  • Type: String
  • MaxLength: 1024
Custom List of Strings 1 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings1
  • Type: String
  • MaxLength: 1024
Custom List of Strings 2 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings2
  • Type: String
  • MaxLength: 1024
Custom List of Strings 3 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings3
  • Type: String
  • MaxLength: 1024
Custom List of Strings 4 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings4
  • Type: String
  • MaxLength: 1024
Custom List of Strings 5 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings5
  • Type: String
  • MaxLength: 1024
Shadow
  • Field Name: shadow.[n]
  • Type: Array
  • Cardinality: [0..1]
Name *
  • Field Name: shadow.[n].name
  • Type: String
  • MaxLength: 1024
User Field Mapping
  • Field Name: UserFieldMapping
  • Type: Object
Name * The name of the user mapping object.
  • Field Name: UserFieldMapping.name
  • Type: String
Description The description of the user mapping object.
  • Field Name: UserFieldMapping.description
  • Type: String
Application name * Application name like CUCM, LDAP, CUC
  • Field Name: UserFieldMapping.application
  • Type: String
  • Target: data/UserSyncSource
  • Target attr: name
  • Format: uri
Model Type The model type used for this LDAP server.
  • Field Name: UserFieldMapping.model_type
  • Type: String
Data Exist Flag to see if data exists for the server. If data exist the username and email fields will be disabled. These mappings cannot be changed once data exists.
  • Field Name: UserFieldMapping.data_exist
  • Type: Boolean
User Name The username corresponding to the the Username in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.username
  • Type: String
Email Address The email address corresponding to the the Username in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.email
  • Type: String
First Name The first name corresponding to the user first name in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.first_name
  • Type: String
Last Name The last name corresponding to user last name in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.last_name
  • Type: String
Password The password corresponding to the user password in Cisco Unified Communications Manager. The password is hidden.
  • Field Name: UserFieldMapping.password
  • Type: String
Building Name Building name or number.
  • Field Name: UserFieldMapping.building_name
  • Type: String
Country Country name.
  • Field Name: UserFieldMapping.country
  • Type: String
Department Department names and numbers.
  • Field Name: UserFieldMapping.department
  • Type: String
Directory URI Alphanumeric Directory URI (e.g. SIP URI)
  • Field Name: UserFieldMapping.directory_uri
  • Type: String
Display Name Display name of the user
  • Field Name: UserFieldMapping.display_name
  • Type: String
Employee Number Employee number of the user
  • Field Name: UserFieldMapping.employee_number
  • Type: String
Employee Type Employee type
  • Field Name: UserFieldMapping.employee_type
  • Type: String
Facsimile Telephone Number Facsimile Telephone Number
  • Field Name: UserFieldMapping.facsimile_telephone_number
  • Type: String
Home Phone Contains strings that represent the user's home phone number(s).
  • Field Name: UserFieldMapping.home_phone
  • Type: String
IP Phone Contains strings that represent the user's IP phone number(s).
  • Field Name: UserFieldMapping.ip_phone
  • Type: String
Jabber ID Jabber ID
  • Field Name: UserFieldMapping.jabber_id
  • Type: String
City Contains the name of a person's locality.
  • Field Name: UserFieldMapping.city
  • Type: String
Manager Manager.
  • Field Name: UserFieldMapping.manager
  • Type: String
Member Of The user can be a member of a variety of groups.
  • Field Name: UserFieldMapping.member_of
  • Type: String
Mobile Contains strings that represent the user's IP mobile number(s).
  • Field Name: UserFieldMapping.mobile
  • Type: String
Organization The name of the person's organization.
  • Field Name: UserFieldMapping.organization
  • Type: String
Object Class Object Class.
  • Field Name: UserFieldMapping.object_class
  • Type: String
Other Mailbox Other Mailbox.
  • Field Name: UserFieldMapping.other_mailbox
  • Type: String
Organizational Unit The name of the person's organization unit.
  • Field Name: UserFieldMapping.ou
  • Type: String
Photo URL Photo URL.
  • Field Name: UserFieldMapping.photo_url
  • Type: String
Physical Delivery Office Name Physical Delivery Office Name.
  • Field Name: UserFieldMapping.physical_delivery_office_name
  • Type: String
Postal Code Contains code used by a Postal Service to identify postal service zones.
  • Field Name: UserFieldMapping.postal_code
  • Type: String
Preferred Language Preferred Language.
  • Field Name: UserFieldMapping.preferred_language
  • Type: String
State Contains full names of state or province.
  • Field Name: UserFieldMapping.state
  • Type: String
Street Contains site information from a postal address.
  • Field Name: UserFieldMapping.street
  • Type: String
Telephone Number Telephone Number.
  • Field Name: UserFieldMapping.telephone_number
  • Type: String
Timezone Timezone.
  • Field Name: UserFieldMapping.timezone
  • Type: String
Title Title.
  • Field Name: UserFieldMapping.title
  • Type: String
Unverified Mail Box Unverified Mail Box.
  • Field Name: UserFieldMapping.unverified_mailbox
  • Type: String
Custom String 1 Custom String
  • Field Name: UserFieldMapping.customString1
  • Type: String
Custom String 2 Custom String
  • Field Name: UserFieldMapping.customString2
  • Type: String
Custom String 3 Custom String
  • Field Name: UserFieldMapping.customString3
  • Type: String
Custom String 4 Custom String
  • Field Name: UserFieldMapping.customString4
  • Type: String
Custom String 5 Custom String
  • Field Name: UserFieldMapping.customString5
  • Type: String
Custom String 6 Custom String
  • Field Name: UserFieldMapping.customString6
  • Type: String
Custom String 7 Custom String
  • Field Name: UserFieldMapping.customString7
  • Type: String
Custom String 8 Custom String
  • Field Name: UserFieldMapping.customString8
  • Type: String
Custom String 9 Custom String
  • Field Name: UserFieldMapping.customString9
  • Type: String
Custom String 10 Custom String
  • Field Name: UserFieldMapping.customString10
  • Type: String
Custom List of Strings 1 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings1
  • Type: String
Custom List of Strings 2 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings2
  • Type: String
Custom List of Strings 3 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings3
  • Type: String
Custom List of Strings 4 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings4
  • Type: String
Custom List of Strings 5 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings5
  • Type: String
Custom List of Strings 6 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings6
  • Type: String
Custom List of Strings 7 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings7
  • Type: String
Custom List of Strings 8 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings8
  • Type: String
Custom List of Strings 9 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings9
  • Type: String
Custom List of Strings 10 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings10
  • Type: String
Custom Boolean 1 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean1
  • Type: String
Custom Boolean 2 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean2
  • Type: String
Custom Boolean 3 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean3
  • Type: String
Custom Boolean 4 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean4
  • Type: String
Custom Boolean 5 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean5
  • Type: String
Custom Boolean 6 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean6
  • Type: String
Custom Boolean 7 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean7
  • Type: String
Custom Boolean 8 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean8
  • Type: String
Custom Boolean 9 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean9
  • Type: String
Custom Boolean 10 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean10
  • Type: String