Data Sync Blacklist

Administrators with permissions to access the Global instance of the settings in the data/Settings model, can create a list of device attributes that will not trigger any update workflows that may have been defined to execute during the data sync. These attributes are here called Data Sync Blacklist attributes and are excluded from data sync considerations.

The reason for this list of attributes is that while data sync operations can have a performance impact, some data sync attribute changes do not require data sync workflows to be carried out.

Note however that the local device cache will still be updated with the updated attribute data. No update workflows will be run, though. The transaction logs will indicate the updated device cache, but the transactions for these attributes instances will show as:

"Device changes on blacklisted attributes only. Updating cache, skipping workflows."

Note

After release 20.1.1 or applying patch EKB-4362-19.2.1_patch, the previously blacklisted LDAP attributes are no longer imported during LDAP syncronization:

For device/ldap/user:

  • logonCount
  • adminCount
  • lastLogonTimestamp
  • whenCreated
  • uSNCreated
  • badPasswordTime
  • pwdLastSet
  • lastLogon
  • whenChanged
  • badPwdCount
  • accountExpires
  • uSNChanged
  • lastLogofflastLogoff

A number of blacklisted attributes have been added by default:

Blacklisted device/ldap/user

  • For device/ldap/user:
    • logonCount
    • adminCount
    • lastLogonTimestamp
    • whenCreated
    • uSNCreated
    • badPasswordTime
    • pwdLastSet
    • lastLogon
    • whenChanged
    • badPwdCount
    • accountExpires
    • uSNChanged
    • lastLogoff
    • userPassword

Blacklisted device/cucm/User

  • For device/cucm/User:
    • status
    • primaryDevice
    • attendeesAccessCode
    • displayName
    • enableUserToHostConferenceNow
    • pinCredentials
    • passwordCredentials
    • associatedRemoteDestinationProfiles

Blacklisted device/cucm/Phone

  • For device/cucm/Phone:
    • keyOrder
    • elinGroup
    • ecKeySize

Blacklisted device/ldap/userProxy

  • For device/ldap/userProxy:
    • accountExpires
    • adminCount
    • badPasswordTime
    • badPwdCount
    • bind_dn
    • dSCorePropagationData
    • distinguishedName
    • employeeID
    • homeMDB
    • instanceType
    • lastLogon
    • lastLogoff
    • lastLogonTimestamp
    • legacyExchangeDN
    • logonCount
    • mDBUseDefaults
    • mailNickname
    • manager
    • msExchArchiveQuota
    • msExchArchiveWarnQuota
    • msExchBlockedSendersHash
    • msExchCalendarLoggingQuota
    • msExchDumpsterQuota
    • msExchDumpsterWarningQuota
    • msExchELCMailboxFlags
    • msExchHomeServerName
    • msExchMailboxGuid
    • msExchMailboxSecurityDescriptor
    • msExchMobileAllowedDeviceIDs
    • msExchMobileBlockedDeviceIDs
    • msExchMobileMailboxFlags
    • msExchPoliciesIncluded
    • msExchRBACPolicyLink
    • msExchRecipientDisplayType
    • msExchRecipientTypeDetails
    • msExchSafeSendersHash
    • msExchTextMessagingState
    • msExchUMDtmfMap
    • msExchUserAccountControl
    • msExchVersion
    • msExchWhenMailboxCreated
    • objectCategory
    • objectClass
    • objectGUID
    • objectSid
    • physicalDeliveryOfficeName
    • primaryGroupID
    • protocolSettings
    • proxyAddresses
    • pwdLastSet
    • sAMAccountType
    • showInAddressBook
    • textEncodedORAddress
    • uSNChanged
    • uSNCreated
    • userAccountControl
    • whenChanged
    • whenCreated
    • userPassword