Deployment Recommendations¶
Option 1 - LDAP Search (Preferred)¶
To meet user uniqueness for provisioning in VOSS Automate, we suggest that the CUCM LDAP Search feature is used for Directory Search capabilities. LDAP Search limits the CUCM database size, reducing both UCM/VOSS Automate upgrade windows and VOSS Automate sync times.
We strongly recommend using LDAP Filtering or multiple explicit bind agreements in UCM. Uniquely sync Users to each CUCM Cluster. If this is not possible, a hybrid approach using complementary Model Instance Filters (MIFs) can be applied, as detailed in Option 2.
Option 2 - Model Instance Filters (MIFs)¶
If LDAP Search is not acceptable, use Model Instance Filters to provide userid uniqueness. The ‘telephoneNumber’ LDAP attribute is currently the most accurate mechanism to filter users.
If you want to explore other fields to use for the MIF, then practically it needs to be a user field that UCM pulls from the LDAP sync and is also in the listUser AXL response. The UCM User setting candidates based on those that can be pulled from LDAP are:
User ID
First Name
Middle Name
Last Name
Manager ID
Department
Telephone Number
Mail ID
Title
Home Number
Mobile Number
Pager Number
Directory URI
Display Name
This is highly effective for geo-deployments. For ‘flat’ multi-cluster deployments, you may need to consider alternatives (refer to the Caveats and Limitations section below). An efficient configuration for a geo-cluster deployment, for example US cluster and APAC cluster, MIF’s macro is suggested below. This filters based on E.164 country code:
(( fn.containsIgnoreCase +49,input.telephoneNumber == True)) <{{input.telephoneNumber}}>
For Bottom-Up LDAP synced deployments, filtering should rely on LDAP attributes, and not on CUCM provisioning attributes, for example the Home Cluster field. Using CUCM fields creates a non- VOSS Automate local cluster provisioning dependency. We recommend this to ensure consistent filtering and to retain consistency through MACDs.
There are several caveats for Unity Connection relating to duplicate userids, and constructing useful CUC MIFs due to the lack of applicable LDAP fields to do this effectively. We strongly recommend that you make sure that each userid is unique when setting up LDAP agreements directly on CUC for bottom-up user integrations. Refer to Caveats and Limitations for more information.