Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco Unified Communications Manager (CallManager)

CallManager DC Directory and Active Directory - Hide Users

Downloads

Document ID: 65594


Contents

Introduction
Prerequisites
      Requirements
      Components Used
      Conventions
Hide Users in DC Directory
Hide Users in Active Directory 2000
Hide Users in Active Directory 2003
Unhide Users
NetPro Discussion Forums - Featured Conversations
Related Information

Introduction

This document explains how to hide users when you do not want them to appear in the corporate directory. These users can be CTI users, Attendant Console, Cisco Emergency Responder, Cisco Conference Connection, and so forth. The CCMSysUser, CCMAdministrator, and PMASysUser users are already hidden by default.

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • Cisco CallManager 3.x and 4.x administration

  • Directory management

Components Used

The information in this document is based on Cisco CallManager 4.x.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to the Cisco Technical Tips Conventions for more information on document conventions.

Hide Users in DC Directory

Note: After you run the script, the user is hidden in the corporate directory and the CCMadmin user page. See the Unhide User section of this document in order to add the user back.

Complete these steps in order to hide users in DC Directory:

  1. Open Notepad on the publisher server.

  2. Cut and paste these four lines and save the file as a text file on the C: drive as hideuser.ldif.

    Note:  The spaces must appear as this output shows. Ensure that there are no extra spaces in the LDIF file. Otherwise, the script fails when you run it.

    dn: cn=[userid], ou=users, o=cisco.com
changeType:modify
replace:Description
Description:CiscoPrivateUser

  3. Set the [userid] to be the user you want to hide. For example: 

    dn: cn=ctiuser, ou=users, o=cisco.com
changeType:modify
replace:Description
Description:CiscoPrivateUser

  4. Choose Start > Run > cmd in order to open a command prompt on the publisher server, and run this script in order to set the description field in DC Directory: 

    ldapmodify -h <server name> -p 8404 -D "cn=Directory
Manager,o=cisco.com" -w <DCDAdmin Password> -c -f hideuser.ldif.txt

    This output shows a successful run:

    C:\>ldapmodify -h CallManagerPub -p 8404 -D 
"cn=Directory Manager, o=cisco.com" -w Cisco -c -f hideuser.ldif.txt
modifying entry cn=ctiuser, ou=users, o=cisco.com

Hide Users in Active Directory 2000

Use Microsoft Active Directory Service Interfaces (ADSIEdit), available as a part of the Windows 2000 Support Tools, or any other LDAP tool, in order to update the Description field. Add the string CiscoPrivateUser to the Description field of the user. If the tool is not available, use this output: 

dn: cn=[userid], CN=users, dc=[domain], dc=com
changeType: modify
replace: Description
Description: CiscoPrivateUser

Save this file on the Active Directory server as hideuser.ldif. Then execute ldifde -i -f hideuser.ldif on the Active Directory server.

Hide Users in Active Directory 2003

Copy these five lines (note the '-' after the first four lines). In Active Directory 2003, this is required and has changed from Active Directory 2002 into a text file. Replace [userid] with the userid of the user that you need to hide. Replace [domain] with your domain. Save this file on the Active Directory server as hideuser.ldif. 

dn: cn=[userid], CN=users, dc=[domain], dc=com
changeType: modify
replace: Description
Description: CiscoPrivateUser
-

Execute ldifde -i -f hideuser.ldif on the Active Directory server.

Unhide Users

In order to unhide the user, the Description of the field must be changed to something other than CiscoPrivateUser. The procedure to change it is similiar to the one you use to hide the user:

  • DC Directory: 

    dn: cn=[user], ou=users, o=cisco.com
changeType:modify
replace:Description
Description: PublicUser

  • Active Directory: 

    dn: cn=[userid], CN=users, dc=[domain], dc=com
changeType: modify
replace: Description
Description: PublicUser

Then, re-run the original script.

NetPro Discussion Forums - Featured Conversations

Networking Professionals Connection is a forum for networking professionals to share questions, suggestions, and information about networking solutions, products, and technologies. The featured links are some of the most recent conversations available in this technology.
NetPro Discussion Forums - Featured Conversations for Voice
Service Providers: Voice over IP
Voice & Video: Voice over IP
Voice & Video: IP Telephony
Voice & Video: IP Phone Services for End Users
Voice & Video: Unified Communications
Voice & Video: IP Phone Services for Developers
Voice & Video: General

Related Information

Updated: Jan 31, 2006Document ID: 65594