Manage duplicate usernames#

Tip

Use the Action search to navigate Automate

Users are created in a sync with LDAP or Cisco Unified Communications Manager (Cisco UCM), or they’re created manually in Automate.

Important

Usernames for admin and non-admin users must be unique within the hierarchy, both upwards and downwards. User emails must be unique system-wide.

All users are created according to these duplicate username guidelines:

  • A user’s username can’t be updated if another user in the current hierarchy has the same username. This restriction includes above, below, or at the same level in the current hierarchy.

  • You can’t add a user with the same username as another user that is above, or was originally above before being moved, the current hierarchy.

  • You can’t manually add a user with the same username as another user at the same level or below in the current hierarchy.

  • You can’t convert a user to a provisioned user or Cisco UCM user if another user at the same level or below the UCM in the current hierarchy has the same username.

  • A user may or may not be synced from LDAP or UCM if another user at the same level or below in the current hierarchy has the same username.

    This condition depends on the source of the existing user.

The following tables describe sync conditions for users created in a LDAP or UCM sync.

Users created in an LDAP sync:

Source of existing user

Action

LDAP

Simple user update, if the user is coming from the same LDAP server

UCM

Update user, update provisioning status with LDAP server and SyncTo info

Manually created

Update user, update provisioning status with LDAP server and SyncTo info

Users created in a Cisco UCM sync:

Source of existing user

Action

LDAP

User is not synced

UCM

Simple user update, if the user is coming from the same UCM server

Manually created

Update user, update provisioning status and SyncTo info with UCM server

Users created in Automate and auto pushed to Cisco UCM

The table refers to users created in Automate using:

  • Users page

  • Quick Add User

  • Auto Push feature on Site

Quick Add User and User Management create Automate and non-Automate users, while Manage Users and the Auto Push to Cisco UCM feature convert existing users into provisioned users.

Source of existing user

Action

LDAP

Update user, update provisioning status with UCM server (keep SyncTo info the same)

UCM

No action or updates are necessary

Manually created

Update user, update provisioning status with UCM server and update SyncTo to the UCM hierarchy if the current SyncTo is below it

Note

  • If a user can’t be created or updated during an LDAP or UCM sync, a log is created in Log Messages, and the sync succeeds.

    If a user can’t be created or updated manually, an error message is generated.

  • If the duplicate user check fails, the transaction fails and the user is not converted to a provisioned user.

  • If a user’s SyncTo value is updated, SSO User updates can result. The SSO User’s IDP is set to the IDP configured at the new SyncTo hierarchy node. If no IDP is configured at the new SyncTo hierarchy node, the SSO User is deleted, if it existed. If an IDP is configured at the new SyncTo hierarchy node, but no SSO User exists, an SSO User is created at the user’s hierarchy node.

  • An update is blocked if two duplicate users are from the same source but originate from different servers.