Mitel Forums - The Unofficial Source

Mitel Forums => Mitel Software Applications => Topic started by: Mattmayn on October 08, 2014, 02:22:11 PM

Title: MiCollab and AD
Post by: Mattmayn on October 08, 2014, 02:22:11 PM

I have a customer who is wanting to switch their existing MiCollab Client (UCA) from PBX sync to AD sync. I have never done this and was wondering what issues this may cause with an existing system.

Will AD overwrite all of the accounts in MiCollab? What about accounts that were manually entered without actual devices (RGs and HGs for routing purposes)? Will any of this push down to the 3300s if different? How do you do AD sync with a multi-node environment (six 3300s to be exact)? Or can you?

Am I missing any glaring issues?

Title: Re: MiCollab and AD
Post by: akuhn on October 08, 2014, 02:42:06 PM

I would be concerned about password policy in AD and how it would affect the UCA app and vice-versa.  I get the feeling that not a whole lot of folks run it.

Title: Re: MiCollab and AD
Post by: Mattmayn on October 08, 2014, 02:48:07 PM

From what I can tell AD controls credentials.

Title: Re: MiCollab and AD
Post by: markyb73 on October 08, 2014, 05:37:32 PM

I've done UCA with AD a few times from new but never converted.
If you do the convert, would be interested to know how it goes  :)

Title: Re: MiCollab and AD
Post by: bluewhite4 on October 08, 2014, 11:37:48 PM

Quote from: Mattmayn on October 08, 2014, 02:48:07 PM

From what I can tell AD controls credentials.

In a non-MAS integrated UCA AD sync, AD does not provide the credentials.

Title: Re: MiCollab and AD
Post by: billbry66 on December 07, 2014, 12:56:50 AM

I have done a few conversions

For ad authentication the Micollab needs to be integrated into the MAS

You can do ad sync direct to UCA blade without integrating but that would result in all accounts being lost when you change from pabx to ad sync

So my suggestion would be to integrate first then
You have to proceed carefully , the AD should be set to have
   the same firstname lastname extension number email address details
   the MCDname and an appropriate role

Then you create a sync connection and set to defer all entries
you should configure some roles /templates to match user settings and assist with pushing the accounts.

Once the sync has completed you should have a list of entries matching all the users
when you manually push these through , the user's account changes from checking the UC database for login password details to
pushing the credentials through to AD for checking , ad responds with a ya or nay and the user is allowed to login if the credentials match

Make sure you have backups of everything first ....