Which of the following tasks cannot be automatically synchronized when an LDAP directory is integrated with
UCM?
A.
user provisioning
B.
user password creation
C.
user authentication
D.
user lookups
Explanation:
User passwords cannot be automatically synchronized when a Lightweight Directory Access Protocol (LDAP)
directory is integrated with Cisco Unified Communications Manager (UCM). When UCM is configured tosynchronize with an LDAP directory, such as OpenLDAP or Microsoft Active Directory, the user ID and all user
personal and organizational data that is stored in the LDAP directory, except for passwords, are replicated to
the UCM database. It is important to note that the Cisco Directory Synchronization (DirSync) service must be
activated before LDAP synchronization can take place.
When LDAP synchronization is configured, UCM configures the synchronized data as read-only data and
acknowledges the LDAP directory as the central authority for creating and deleting user accounts. Therefore,
UCM prevents administrators from using the UCM graphical user interface (GUI) to add and delete users. None
of the data that was replicated to the UCM database can be modified by using the GUI. However, UCM user
data that is not managed by the LDAP directory, such as the user’s password and personal identification
number (PIN), can be modified in the UCM administrative GUI.
User lookups can be automatically synchronized when the LDAP directory of an organization has been
integrated with UCM. When LDAP directory lookups are enabled, not only can UCM applications users, such as
a Cisco Unified Personal Communicator client, search for and view information in the LDAP directory, but they
can also add to their contact lists from the LDAP directory. Administrators can configure a limitless number of
LDAP custom filters in UCM Administration to filter the results of LDAP searches.
User authentication can be automatically synchronized when the LDAP directory of an organization has been
integrated with UCM. When a user attempts to authenticate with UCM, the user’s credentials are passed to the
LDAP directory authentication service. If the credentials are correct, the user is authenticated and permitted to
log in to the UCM GUI.
User provisioning can be automatically synchronized when the LDAP directory of an organization has been
integrated with UCM. When UCM is integrated with LDAP, provisioning a user in LDAP will automatically add
that same user account to UCM. Having this integration prevents the administrator from having to make manual
adjustments in two locations in the event that an account needs to be modified, created, or removed.Cisco: LDAP Directory Integration: LDAP Authentication
Cisco: LDAP Directory Integration: LDAP Synchronization