[Index]

Model: relation/HcsLdapUserSyncREL

LDAP User Sync

Full HTML Help

Overview

You'll need to set up an LDAP user sync to sync in users from a specified LDAP directory into Automate.

Users synced in from LDAP appear at the hierarchy node where the LDAP user sync object exists. Once synced in, you can manage these users in Automate (via the User Management menu). For example, you may want to move users to other hierarchies, or to push users to CUCM.

When syncing in from LDAP, some fields are always imported into Automate, while others are excluded. For details, see LDAP Integration

Delete or Retain Associated Accounts at User Sync

You can configure (via Customizations > Global Settings) the LDAP user sync to delete or retain Cisco (CUCM) subscriber voicemail and Webex accounts when running syncs after deleting a subscriber.

Related Topics

Add LDAP Sync

This procedure adds a LDAP sync to prepare for syncing users in from LDAP to Automate.

  1. Log in as Provider, Reseller, or Customer administrator.
  2. Set the hierarchy path to the node of the LDAP server you want to sync users from.
  3. Go to (default menus) LDAP Management > LDAP User Sync.
  4. Click Add.
  5. Fill out details for the sync:
Field Description
LDAP Server Mandatory. The LDAP server you're syncing from.
LDAP Authentication Only

This setting is available only in Automate, and is disabled by default.

Leave unchecked (clear) to sync in users from LDAP (from a predefined LDAP directory). In this case, the user passwords are authenticated against this LDAP directory.

Select this checkbox (enable) to prevent user sync from the predefined LDAP directory. In this case:

  • Only the users passwords are authenticated against the LDAP directory
  • You can add users manually via the GUI, API, bulk load, or sync users in from CUCM.
User Model Type

Defines the LDAP object (from the configured LDAP server), and is used to import and authenticate users.

  • When LDAP server is Microsoft Active Directory, the default is device/ldap/user.
  • When LDAP server is AD LDS (ADAM), set to device/ldap/userProxy.
  • When LDAP server is OpenLDAP, the default is device/ldap/inetOrgPerson.

Contact the LDAP server administrator if you need to identify a non-default User Model Type to use.

LDAP Authentication Attribute

The attribute used for creating an LDAP user.

When Server Type is Microsoft Active Directory, options are: employeeNumber, mail, sAMAccountName, telephoneNumber, userPrincipalName.

When Server Type is OpenLDAP, options are: employeeNumber, mail, telephoneNumber, uid.

Custom values for a deployment are also allowed.

Attribute This value is used for LDAP authentication against LDAP when LDAP Authentication Only is enabled.
User Entitlement Profile

Choose the User Entitlement Profile that specifies the devices and services to which users synced in from the LDAP server are entitled.

The chosen entitlement profile is assigned to each synced in user. It is checked during user provisioning to ensure the user's configuration does not exceed the allowed services and devices specified in the entitlement profile.

User Role (default)* The default role to assign to the synced user (if no other LDAP custom role mappings are applicable for the synced user, then this fallback/default role will be applied). Mandatory.
User Move Mode Defines whether users are automatically moved to sites based on the filters and filter order defined in User Management > Manage Filters.
User Delete Mode

Defines whether users are automatically deleted from Automate if they are deleted from the LDAP directory. If set to automatic, all subscriber resources associated with the user, such as a phone, are also deleted.

Warning

Setting this option to Automatic will delete all users from the LDAP server (in Automate and in the UC apps, phones, services, and so on).

User Purge Mode

Defines whether users are automatically deleted from Automate if they are purged from the LDAP device model. An administrator can remove the LDAP user from the device layer even if the user has not been removed from the LDAP directory.

Warning

Setting this option to Automatic will delete all users from the LDAP server (in Automate and in the UC apps, phones, services, and so on).

  1. Inspect the default mappings and modify if required, see User Field Mapping.

  2. Click Save to add the LDAP sync.

    Note

    By default, the new LDAP sync is initially inactive. See Synchronize Users from LDAP.

  3. In the Global Settings, define whether to retain or delete associated webex and/or voicemail accounts in the user sync that runs after deleting a subscriber. See topic Global Settings (Webex App tab, Voicemail tab)

Related Topics

Global Settings in the Core Feature Guide

LDAP Sync Scenarios (Top-Down and Bottom-Up)

The table summarizes the two LDAP user sync scenarios that Automate supports:

Note

Although you can have different LDAP sync types at different parts of the hierarchy, it is recommended that you run either top-down or bottom-up LDAP syncs.

Sync scenario Description
Top-down

Users are synced directly from the LDAP directory.

User data is sourced from one or more LDAP directories.

This setup defines how users are matched to be pulled in (for example, OU definition, LDAP filter, field filters, etc). Recommended for flow-through provisioning.

Bottom-up Users are synced indirectly from the LDAP directory, that is, where applications are integrated and syncing the users from the LDAP directory. For example, the system syncs via the CUCM, which is syncing to LDAP.

Note

In a top-down or bottom-up LDAP sync, a system configuration template sets the CUCM (LDAP) user's identity field (userIdentity) to the user principal name (UPN), userPrincipalName, if it exists; otherwise it uses the email address. This is useful where a user has a different email address to the UPN and needs to be correctly mapped following a LDAP sync, and then the user is moved to a site.

LDAP Sync Lists

The table describes, for LDAP sync, LDAP sync lists, arranged in override order:

  1. Always synced list
Fields required to list LDAP Users on the GUI
  1. Drop Field List
Fields never imported from LDAP
  1. Data Sync Blacklist
A change in these fields does not trigger an update
  1. Model Type List
From the LDAP data sync. Set up and used in scheduled syncs
  1. LDAP Sync List (manual or from CFT)
Fields to be imported from LDAP as set up with the LDAP server

Always Synced List

The following fields are always synced in an LDAP sync as their values are required to list LDAP users on the GUI:

Column Name Field Name
Cn cn
Uid uid
Description description
Mail mail
User Principal Name userPrincipalName
SAM Account Name sAMAccountName

Drop Field List

Any items in the LDAP Sync List from DROP_FIELD_LIST are excluded from the sync. This list is read-only.

DROP_FIELD_LIST=[
    'photo',
    'jpegPhoto',
    'audio',
    'thumbnailLogo',
    'thumbnailPhoto',
    'userCertificate',
    'logonCount',
    'adminCount',
    'lastLogonTimestamp',
    'whenCreated',
    'uSNCreated',
    'badPasswordTime',
    'pwdLastSet',
    'lastLogon',
    'whenChanged',
    'badPwdCount',
    'accountExpires',
    'uSNChanged',
    'lastLogoff',
    'dSCorePropagationData'
    ]

Data Sync Blacklist

See Data Sync Blacklist in the Advanced Configuration Guide.

An LDAP Sync List won't override any of the Data Sync Blacklist attributes (default or custom) in data/Settings. That is, for fields that appear in both the LDAP Sync List and in the Data Sync Blacklist, where the field value is different on the LDAP server, the LDAP sync won't trigger any update for the LDAP entity during a sync.

Model Type List

Given an existing LDAP server with a LDAP Sync List configured, when executing a data sync against the LDAP server, the existing Model Type List functionality from the LDAP data sync is maintained and takes precedence over the LDAP Sync List.

See:

LDAP Sync List

A new LDAP server or one that existed in the system prior to release 19.3.4 allows you to choose the LDAP Sync List Option:

The configuration template (CFT) can also be created and applied to a server. See LDAP Sync List Configuration Templates.

Important

Besides the sync override order indicated above, manual or template sync lists are bound by the following considerations:

For details on the LDAP Sync List on the LDAP server, see: Set up an LDAP Server.

Note

By default LDAP user details shown on the GUI display all device/ldap/user fields. It is recommended that you create a FDP for device/ldap/user to contain only the fields from your LDAP Sync List in order to view LDAP user details according to your configuration.

LDAP Sync List Configuration Templates

Administrators can clone the default sync list Configuration Templates (CFTs) to a hierarchy, and modify them for use during initial LDAP server setup. Modified CFTs are available at the hierarchy on the Sync List tab (from the LDAP Sync List Template drop-down).

Two default CFTs are provided. Both can be cloned:

The table describes the default CFT fields:

Ldap Sync List Microsoft Active Directory Ldap Sync List Open Ldap
Model Type: device/ldap/user Model Type: device/ldap/InetOrgPerson
sAMAccountName uid
mail mail
givenName givenName
sn sn
title title
department departmentNumber
displayName displayName
employeeNumber employeeNumber
employeeType employeeType
homePhone homePhone
ipPhone  
telephoneNumber telephoneNumber
mobile mobile
otherMailbox  
facsimileTelephoneNumber facsimileTelephoneNumber
l l
c  
streetAddress  
st street
postalCode postalCode
physicalDeliveryOfficeName physicalDeliveryOfficeName
manager manager
memberOf memberOf
objectClass objectClass
o o
ou ou

If new LDAP attribute names are added to the cloned CFT and modified on the GUI, type the names in. Initially, all attribute names are imported. The full attribute list and naming is available on the GUI Sync List tab from the default sync list for the server. See: Set up an LDAP Server.

Enter a descriptive name for the cloned CFT, which will then show in the hierarchy on the drop-down list of Sync List CFTs that are available when you modify an LDAP server or create a new server.

Multiple LDAP Organization Units Per Hierarchy

Large corporations and institutions with multiple domains or agencies may require more than one LDAP Organizational Unit (OU) to be configured at a hierarchy.

Automate allows for multiple LDAP OUs at a hierarchy by providing for a unique combination of the following LDAP server properties at the hierarchy:

Multiple search base DNs can therefore be configured at the same hierarchy for different organizations within the same company, so that administrators and self-service users can successfully authenticate. For example:

LDAP server setup:

IP Port Search base DN Hierarchy
1.2.3.4 389 ou=SharedOUA,dc=voss-solutions,dc=com Provider.Customer
1.2.3.4 389 ou=SharedOUB,dc=voss-solutions,dc=com Provider.Customer

Users:

Model Details: relation/HcsLdapUserSyncREL

Title Description Details
LDAP Server The assoicated LDAP server host.
  • Field Name: ldapServer
  • Type: String
  • Target: /api/data/Ldap/choices/?format=json&hierarchy=[hierarchy]&auth_token=%3D%3D%2480o4gUL7rDWXoBlI%24F8oq29J5mRVzDJglKmb/v%2BnmY2YcW7sWishYZezMtoQ9dToaN%2B%2BzfLZYJnnjleXRnZ9rfcUzY3f6xN24wgQBNZKgCk5kOcOR011U4I6QsREeXyKCRGBIiwNgyCP5r7PgG04XfI/OuOWhlNmu0k8bXZ6qRpYyVfjGSwwK1ycIWs7iPORwERR46mIpAQ71gi4I08wrceIZOE%2B40Vy6WdP0W2nBrMeUQaNw%2B0wIM4DBGCt4%2BqHWAA%2BiEP7T1nY0WhTl3INtioCkdeq9hOJUaNgAG/xGnGPAk1iRK0qHBjID43PV99SnaXG/6lSiHJ6F5xghpVIYrT743LLkQS3pVO9tfB8cSLHWf/nIsqDYFAXKm5FBHaeM0uuV0Ocnj9xMpCy670iU0N23RFR5I5Dhv3dzvfJKb22pbRWYzi8ZyMEXC7RM0p3boUXbLjn195cbZn7C7Rqmqnzds8tfCh6jTKlA2RtzY1pgYt1PZ4TfzMyJ%24%3D%3D
  • Target Model Type: data/Ldap
  • MaxLength: 1024
  • Format: uri
  • Choices: []
LDAP Authentication Only This LDAP Server is only used for Authentication purpose. Default: false
  • Field Name: ldapAuthOnly
  • Type: Boolean
  • Default: false
LDAP Write Back Only This LDAP Server is only used for write back purpose. This setting can be used when using a Microsoft AD onprem server that is synced to Microsoft Azure. Default: false
  • Field Name: ldapWriteBackOnly
  • Type: Boolean
  • Default: false
LDAP Write Back Template The LDAP Configuration Template to use for Write Back.
  • Field Name: ldapWriteBackOnlyTemplate
  • Type: String
  • MaxLength: 1024
User Model Type The LDAP model type for users. Default: device/ldap/user
  • Field Name: userModelType
  • Type: String
  • Default: device/ldap/user
  • MaxLength: 1024
LDAP Authentication Attribute The selected attribute of the LDAP user login. When Server Type is Microsoft Active Directory, the following default choices are populated employeeNumber, mail, sAMAccountName, telephoneNumber, userPrincipalName. When Server Type is Open LDAP, the following choices are populated employeeNumber, mail, telephoneNumber, uid. If the default choices do not fit the deployment, custom values are allowed for this field.
  • Field Name: userMappingAttr
  • Type: String
  • MaxLength: 1024
  • Choices: [" "]
User Entitlement Profile The default user server profile for users added via sync.
  • Field Name: userEntitlementProfile
  • Type: String
  • Target: /api/data/HcsEntitlementProfileDAT/choices/?format=json&hierarchy=[hierarchy]&auth_token=%3D%3D%24w01GEToAGVWnC8Z4%24iy%2Bq8YNq7OzQfiWJlARBdY0f61gyHZ4T887gzKbOqhfZGrxTNl0vEqR%2BbA61fIAPwT%2BqOHMII5R1r1dQECZsJlNB9WU/u63o9AaVTBpPB5CivAZTRC4LrBDNCt%2BU8b8IjP50pgGxnBF5mpGPYm9%2BA%2BL718ZX03xgWP1Hx9Z3Fu9YRX4ltix17ZpdciFYkLaNsCtQga0ctiuvWxxN/J0P9vqi5n5MsNzqvF4KS%2BlkP4Idb4X6IfDRATNST7tcG0mAFLZ6bUCqPcwEy3I3vA19YIXXYlX58NFQae6NiGVSB7K6TYzwg/izSQDdByHb8Gz9xl/kql50ob82N9ExroqFEHenxlt/0CdVuHvB6HNxD4tOod%2B34jqdSFRpQCqKf1WsyNOzLiOxqbiVXGj5V8zYWq5HFMym4fS5PRP8seqLBDq%2B45IMBWCDhPNCpVSAFAsoUwJzeguxceaFVPo18VsYAs1lLmhhTHb5I3wfHur%2BFwbLl9DLYt%2Bd1K0f5RSBrN0agTU%3D%24%3D%3D
  • Target Model Type: data/HcsEntitlementProfileDAT
  • MaxLength: 1024
  • Format: uri
  • Choices: []
User Role (default) The default role to assign to the synced user (if no other LDAP Custom Role Mappings are applicable for the synced user, then this fallback/default role will be applied).
  • Field Name: userRole
  • Type: String
  • Target: /api/data/Role/choices/?field=name&format=json&hierarchy=[hierarchy]&auth_token=%3D%3D%24cq0EQrTxKYjmBfRY%24vrDgfWtQMJIwxFE%2BdFoLovSQq8J%2B7ayNKpS6tFrJ5GnRObCIRzYaVefGEocvQnCblVOUjkS8Sm5m5J6Z08FUBzSx6TDCEffD4ABjFlhPOgX349fuknspaFVqb%2B/y55KagXEzqsWlW5hrs8KwOBRAizM99P7kKiAmfMu06DmzOd%2B%2Bi6Rds8sXeW5zQhIDC3gx1RpBluLLiQNlBzknvbN/9kb52ZGO87EP5sLoSO5AbtLVmcM0SEWQ/t3EEDrqARd0Drn10a/JhPqABJbJtYODVzKhkmMX1J1F4d/VyiThAkvGww/PT9NfJPtJtxWU6Od6EFp4x5P/Pyt68gGBIEH9cBuONIXKmXrCFh/XvphS75ltLptO4ybyXoaRWpW7ark09IG4jP4lOLIadB9iyoXDoV75AsKbMYWAqqhzNw2faYDdrxqty6IzJCAKvIQ2mZoVoU1nH18TGoyqJTE%2Bf9EEg1wyUC5NMzkMEgZe6eZq7PqRz72B1yMeUEc%3D%24%3D%3D
  • Target attr: name
  • Target Model Type: data/Role
  • MaxLength: 1024
  • Format: uri
  • Choices: []
User Language The default user language for users added via sync.
  • Field Name: userLanguage
  • Type: String
  • Target: /api/data/Language/choices/?field=name&format=json&hierarchy=[hierarchy]&auth_token=%3D%3D%24faUxbhluT0nqlLpw%248D0KrxgWI51m%2BWJEwLm7lSGHceafxZxs%2BjwoUeCg34OKV8YvW6FUslzc6Ms52dt4rKGJTf3lq7tFR7PtqJvKEnxcgd2xDDlhwS1osBsSCpj%2B4fVpec77S9d/NLsdebNy4MOixXJQH1800%2BlLezQjjiX2JREusazGcLys%2BSo/aMrSgDoboqiv15EcebluX5Rkr8PdJmYheJN/wkEih1bwgjNyiKvEzjjrb2N4Mx87XquYkyfx3M8YQUh6kyfHrtfQpOHZ8Wf726HuGvtRU1k%2BofWei3yNUA4leD1k7Te0zV8zgkK/V6e3bcKhawhKjN1aCBatsAGgwpkZqUwncfR0y4Q4DHeM1wb1EJGhmAGFNeYiLziIN9reKvkMVIdo1fpbOhLFs2fglCdcbR4hAUytQI4Q/A1muP00MnU48%2Bty0iLBwIQZBW8dBfx%2B1gzPhLKe8aabfKXBiFEcvOeQBDZVPLj4zpPqGL3Jz6KnAXswvGe7VcPcHn32yqFc4c3t%24%3D%3D
  • Target attr: name
  • Target Model Type: data/Language
  • MaxLength: 1024
  • Format: uri
  • Choices: []
User Move Mode The behavior for moving users to site. Setting this value to Automatic will trigger the system to apply the move filters (refer to User Management) automatically when users are sync'd into the system. Automatic is only applicable to creating new users. Setting this value to Manual means that users must be moved to site by an Adminstrator (refer to User Management). Default: Automatic
  • Field Name: userMoveMode
  • Type: String
  • Default: Automatic
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
User Delete Mode The behavior for handling users who are deleted from the LDAP directory. Setting this value to Automatic will trigger the system to automatically delete system settings associated with the user. Setting this value to Manual means that users deleted from the LDAP directory are no longer LDAP Integrated. Manual action by an Administrator is required to remove user settings. Default: Manual
  • Field Name: userDeleteMode
  • Type: String
  • Default: Manual
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
User Purge Mode Default: Automatic
  • Field Name: userPurgeMode
  • Type: String
  • Default: Automatic
  • MaxLength: 1024
  • Choices: ["Automatic", "Manual"]
Information Information regarding the specified action.
  • Field Name: info
  • Type: String
  • MaxLength: 1024
Field Mapping
  • Field Name: FieldMapping
  • Type: Object
LDAP Username * The LDAP field mapped to the user's login attribute.
  • Field Name: FieldMapping.ldap_username
  • Type: String
  • MaxLength: 1024
Data Username The LDAP field mapped to the user's login attribute for local authentication.
  • Field Name: FieldMapping.data_username
  • Type: String
  • MaxLength: 1024
Building Name The LDAP field mapped to the user's building name.
  • Field Name: FieldMapping.buildingName
  • Type: String
  • MaxLength: 1024
C The LDAP field mapped to the user's country.
  • Field Name: FieldMapping.c
  • Type: String
  • MaxLength: 1024
Department Number The LDAP field mapped to the user's department number.
  • Field Name: FieldMapping.departmentNumber
  • Type: String
  • MaxLength: 1024
Directory URI The LDAP field mapped to the user's directory URI.
  • Field Name: FieldMapping.directoryUri
  • Type: String
  • MaxLength: 1024
Display Name The LDAP field mapped to the user's display name.
  • Field Name: FieldMapping.displayName
  • Type: String
  • MaxLength: 1024
Employee Number The LDAP field mapped to the user's employee number.
  • Field Name: FieldMapping.employeeNumber
  • Type: String
  • MaxLength: 1024
Employee Type The LDAP field mapped to the user's employee type.
  • Field Name: FieldMapping.employeeType
  • Type: String
  • MaxLength: 1024
Facsimile Telephone Number The LDAP field mapped to the user's FAX number.
  • Field Name: FieldMapping.facsimileTelephoneNumber
  • Type: String
  • MaxLength: 1024
Given Name The LDAP field mapped to the user's first name.
  • Field Name: FieldMapping.givenName
  • Type: String
  • MaxLength: 1024
Home Phone The LDAP field mapped to the user's home phone number.
  • Field Name: FieldMapping.homePhone
  • Type: String
  • MaxLength: 1024
IP Phone The LDAP field mapped to the user's IP phone number.
  • Field Name: FieldMapping.ipPhone
  • Type: String
  • MaxLength: 1024
Jabber ID The LDAP field mapped to the user's Jabber ID.
  • Field Name: FieldMapping.jabberID
  • Type: String
  • MaxLength: 1024
L The LDAP field mapped to the user's city.
  • Field Name: FieldMapping.l
  • Type: String
  • MaxLength: 1024
Mail The LDAP field mapped to the user's email address.
  • Field Name: FieldMapping.mail
  • Type: String
  • MaxLength: 1024
Manager The LDAP field mapped to the user's manager.
  • Field Name: FieldMapping.manager
  • Type: String
  • MaxLength: 1024
Member Of The LDAP field mapped to the user's groups.
  • Field Name: FieldMapping.memberOf
  • Type: String
  • MaxLength: 1024
Mobile The LDAP field mapped to the user's mobile phone number.
  • Field Name: FieldMapping.mobile
  • Type: String
  • MaxLength: 1024
O The LDAP field mapped to the user's organization name.
  • Field Name: FieldMapping.o
  • Type: String
  • MaxLength: 1024
Object Class
  • Field Name: FieldMapping.objectClass
  • Type: String
  • MaxLength: 1024
Other Mailbox
  • Field Name: FieldMapping.otherMailbox
  • Type: String
  • MaxLength: 1024
Ou The LDAP field mapped to the user's organization unit name.
  • Field Name: FieldMapping.ou
  • Type: String
  • MaxLength: 1024
Photo URL The LDAP field mapped to the user's photo URL.
  • Field Name: FieldMapping.photoURL
  • Type: String
  • MaxLength: 1024
Physical Delivery Office Name The LDAP field mapped to the user's post office.
  • Field Name: FieldMapping.physicalDeliveryOfficeName
  • Type: String
  • MaxLength: 1024
Postal Code The LDAP field mapped to the user's postal code.
  • Field Name: FieldMapping.postalCode
  • Type: String
  • MaxLength: 1024
Preferred Language The LDAP field mapped to the user's preferred language.
  • Field Name: FieldMapping.preferredLanguage
  • Type: String
  • MaxLength: 1024
Sn * The LDAP field mapped to the user's last name.
  • Field Name: FieldMapping.sn
  • Type: String
  • MaxLength: 1024
St The LDAP field mapped to the user's state.
  • Field Name: FieldMapping.st
  • Type: String
  • MaxLength: 1024
Street The LDAP field mapped to the user's street.
  • Field Name: FieldMapping.street
  • Type: String
  • MaxLength: 1024
Telephone Number The LDAP field mapped to the user's telephone number.
  • Field Name: FieldMapping.telephoneNumber
  • Type: String
  • MaxLength: 1024
Timezone The LDAP field mapped to the user's time zone.
  • Field Name: FieldMapping.timezone
  • Type: String
  • MaxLength: 1024
Title The LDAP field mapped to the user's title.
  • Field Name: FieldMapping.title
  • Type: String
  • MaxLength: 1024
Uid The LDAP field mapped to the user's userid.
  • Field Name: FieldMapping.uid
  • Type: String
  • MaxLength: 1024
Unverified Mail Box The LDAP field mapped to the user's unverified mailbox.
  • Field Name: FieldMapping.unverifiedMailBox
  • Type: String
  • MaxLength: 1024
Custom String 1 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString1
  • Type: String
  • MaxLength: 1024
Custom String 2 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString2
  • Type: String
  • MaxLength: 1024
Custom String 3 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString3
  • Type: String
  • MaxLength: 1024
Custom String 4 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString4
  • Type: String
  • MaxLength: 1024
Custom String 5 The LDAP field mapped to a custom string.
  • Field Name: FieldMapping.customString5
  • Type: String
  • MaxLength: 1024
Custom List of Strings 1 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings1
  • Type: String
  • MaxLength: 1024
Custom List of Strings 2 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings2
  • Type: String
  • MaxLength: 1024
Custom List of Strings 3 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings3
  • Type: String
  • MaxLength: 1024
Custom List of Strings 4 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings4
  • Type: String
  • MaxLength: 1024
Custom List of Strings 5 The LDAP field mapped to a custom list of strings.
  • Field Name: FieldMapping.customListOfStrings5
  • Type: String
  • MaxLength: 1024
Shadow
  • Field Name: shadow.[n]
  • Type: Array
  • Cardinality: [0..1]
Name *
  • Field Name: shadow.[n].name
  • Type: String
  • MaxLength: 1024
User Field Mapping
  • Field Name: UserFieldMapping
  • Type: Object
Name * The name of the user mapping object.
  • Field Name: UserFieldMapping.name
  • Type: String
Description The description of the user mapping object.
  • Field Name: UserFieldMapping.description
  • Type: String
Application name * Application name like CUCM, LDAP, CUC
  • Field Name: UserFieldMapping.application
  • Type: String
  • Target: /api/data/UserSyncSource/choices/?field=name&format=json&hierarchy=[hierarchy]&auth_token=%3D%3D%24cAOdEQHCQAgDB2Nh%244TxYoIx0DRk01DCkWy94MsVRW/qSILe3H73dYSLiWmbjQ/zCS6O%2Bh0JPrN75TPK6TmDLrWmzu5gQiIyRIXb4QtRDthCN6curakfJI7JdmlgT6yJZ5YBPqVaewHAPmMjZtQuKfj7ZFTwQwpdH0ZIJUcJYcKFqunvw//jK9YomTdIsGzGFBSeS7fYeoA1Ag80OqFBjfv8Z2UhEgNSDh2RY9%2BdBUksAvHk771hDZOhgG3bq31tEuwf8mVYic9Mygm9G/O1%2BgxNAog4JdJuZ2aJA5v2anUchGy59RbNdazxjZ6igWYej7qAuFoDomAffraxS8TWCHb7NNcggg6z%2B%2BcCSqis14KwBXp7/gLpeULhUNjmtII4b4cnbxJLGhLDGjky8S5rQ05%2B1SbxUjL%2BpLV/TaleEYmzEo9buUiKNo6ZLpuIs7s7xlJmSBPz/pEbxmd/1ji7g/y09hCTVpGLj%2B%2B/PRMWIQ7Z9AoIwcAIeN3UXMog12zfhnAxrMM7KmmorPFopTGhC%24%3D%3D
  • Target attr: name
  • Target Model Type: data/UserSyncSource
  • Format: uri
  • Choices: []
Model Type The model type used for this LDAP server.
  • Field Name: UserFieldMapping.model_type
  • Type: String
Data Exist Flag to see if data exists for the server. If data exist the username and email fields will be disabled. These mappings cannot be changed once data exists.
  • Field Name: UserFieldMapping.data_exist
  • Type: Boolean
User Name The username corresponding to the the Username in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.username
  • Type: String
Email Address The email address corresponding to the the Username in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.email
  • Type: String
First Name The first name corresponding to the user first name in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.first_name
  • Type: String
Last Name The last name corresponding to user last name in Cisco Unified Communications Manager and Cisco Unity Connection server.
  • Field Name: UserFieldMapping.last_name
  • Type: String
Password The password corresponding to the user password in Cisco Unified Communications Manager. The password is hidden.
  • Field Name: UserFieldMapping.password
  • Type: String
Building Name Building name or number.
  • Field Name: UserFieldMapping.building_name
  • Type: String
Country Country name.
  • Field Name: UserFieldMapping.country
  • Type: String
Department Department names and numbers.
  • Field Name: UserFieldMapping.department
  • Type: String
Directory URI Alphanumeric Directory URI (e.g. SIP URI)
  • Field Name: UserFieldMapping.directory_uri
  • Type: String
Display Name Display name of the user
  • Field Name: UserFieldMapping.display_name
  • Type: String
Employee Number Employee number of the user
  • Field Name: UserFieldMapping.employee_number
  • Type: String
Employee Type Employee type
  • Field Name: UserFieldMapping.employee_type
  • Type: String
Facsimile Telephone Number Facsimile Telephone Number
  • Field Name: UserFieldMapping.facsimile_telephone_number
  • Type: String
Home Phone Contains strings that represent the user's home phone number(s).
  • Field Name: UserFieldMapping.home_phone
  • Type: String
IP Phone Contains strings that represent the user's IP phone number(s).
  • Field Name: UserFieldMapping.ip_phone
  • Type: String
Jabber ID Jabber ID
  • Field Name: UserFieldMapping.jabber_id
  • Type: String
City Contains the name of a person's locality.
  • Field Name: UserFieldMapping.city
  • Type: String
Manager Manager.
  • Field Name: UserFieldMapping.manager
  • Type: String
Member Of The user can be a member of a variety of groups.
  • Field Name: UserFieldMapping.member_of
  • Type: String
Mobile Contains strings that represent the user's IP mobile number(s).
  • Field Name: UserFieldMapping.mobile
  • Type: String
Organization The name of the person's organization.
  • Field Name: UserFieldMapping.organization
  • Type: String
Object Class Object Class.
  • Field Name: UserFieldMapping.object_class
  • Type: String
Other Mailbox Other Mailbox.
  • Field Name: UserFieldMapping.other_mailbox
  • Type: String
Organizational Unit The name of the person's organization unit.
  • Field Name: UserFieldMapping.ou
  • Type: String
Photo URL Photo URL.
  • Field Name: UserFieldMapping.photo_url
  • Type: String
Physical Delivery Office Name Physical Delivery Office Name.
  • Field Name: UserFieldMapping.physical_delivery_office_name
  • Type: String
Postal Code Contains code used by a Postal Service to identify postal service zones.
  • Field Name: UserFieldMapping.postal_code
  • Type: String
Preferred Language Preferred Language.
  • Field Name: UserFieldMapping.preferred_language
  • Type: String
State Contains full names of state or province.
  • Field Name: UserFieldMapping.state
  • Type: String
Street Contains site information from a postal address.
  • Field Name: UserFieldMapping.street
  • Type: String
Telephone Number Telephone Number.
  • Field Name: UserFieldMapping.telephone_number
  • Type: String
Timezone Timezone.
  • Field Name: UserFieldMapping.timezone
  • Type: String
Title Title.
  • Field Name: UserFieldMapping.title
  • Type: String
Unverified Mail Box Unverified Mail Box.
  • Field Name: UserFieldMapping.unverified_mailbox
  • Type: String
Custom String 1 Custom String
  • Field Name: UserFieldMapping.customString1
  • Type: String
Custom String 2 Custom String
  • Field Name: UserFieldMapping.customString2
  • Type: String
Custom String 3 Custom String
  • Field Name: UserFieldMapping.customString3
  • Type: String
Custom String 4 Custom String
  • Field Name: UserFieldMapping.customString4
  • Type: String
Custom String 5 Custom String
  • Field Name: UserFieldMapping.customString5
  • Type: String
Custom String 6 Custom String
  • Field Name: UserFieldMapping.customString6
  • Type: String
Custom String 7 Custom String
  • Field Name: UserFieldMapping.customString7
  • Type: String
Custom String 8 Custom String
  • Field Name: UserFieldMapping.customString8
  • Type: String
Custom String 9 Custom String
  • Field Name: UserFieldMapping.customString9
  • Type: String
Custom String 10 Custom String
  • Field Name: UserFieldMapping.customString10
  • Type: String
Custom List of Strings 1 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings1
  • Type: String
Custom List of Strings 2 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings2
  • Type: String
Custom List of Strings 3 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings3
  • Type: String
Custom List of Strings 4 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings4
  • Type: String
Custom List of Strings 5 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings5
  • Type: String
Custom List of Strings 6 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings6
  • Type: String
Custom List of Strings 7 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings7
  • Type: String
Custom List of Strings 8 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings8
  • Type: String
Custom List of Strings 9 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings9
  • Type: String
Custom List of Strings 10 Custom List of Strings
  • Field Name: UserFieldMapping.customListOfStrings10
  • Type: String
Custom Boolean 1 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean1
  • Type: String
Custom Boolean 2 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean2
  • Type: String
Custom Boolean 3 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean3
  • Type: String
Custom Boolean 4 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean4
  • Type: String
Custom Boolean 5 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean5
  • Type: String
Custom Boolean 6 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean6
  • Type: String
Custom Boolean 7 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean7
  • Type: String
Custom Boolean 8 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean8
  • Type: String
Custom Boolean 9 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean9
  • Type: String
Custom Boolean 10 Custom Boolean
  • Field Name: UserFieldMapping.customBoolean10
  • Type: String