Understand organizational contacts

Use Control Hub to migrate or synchronize your organizational contacts to Webex. For on-premises deployments, organizational contacts are configured in the LDAP server as contact objects or in the Cisco Unified Communications Manager as end-users. You can configure rules in Control Hub to classify users in the Unified CM database into end users and contacts.

This tool does the following:

  • Synchronizes users and contacts from Unified CM or LDAP server to Webex.

  • Automatically detects updates in Unified CM based users and contacts and updates the changes into Webex.

  • You can set a schedule for the periodic sync to synchronize users and contacts from LDAP server into Webex.

  • Periodic audit could be configured to make sure Unified CM users and contact data doesn't get out of sync with Webex.

You can select only one source of users from either the Unified CM or LDAP server. If you configure directory connector, then you cannot synchronize users through the tool.
You must manage users and contacts that are synchronized using the tool from either UCM or LDAP source. Do not delete the contacts and the Users from Webex as it will cause the tool to be out of sync.

If you do not have Cisco Cloud connectivity, then use the CSV file through Control Hub to import your org contacts.

The prerequisites, Configure LDAP server search and set your preferences are mandatory sections which will guide you through the initial set up to import and synchronize your organizational contacts into Webex.

  • Get familiar with Control Hub. Control Hub is the management interface for the Webex platform. For more information, see Get started with Control Hub.

  • Access Control Hub with full administrator privileges. With full administrator privileges, you can assign one or more roles to any user in your organization. Ensure to assign a user with administrator privilege so you can migrate the rest of your Jabber custom contacts. For more information, see Assign organizational account roles in Control Hub.

  • Onboard the Unified CM clusters to Webex Cloud-Connected UC. For more information, see Set up Webex Cloud-Connected UC for on-premises devices.

  • On the cluster or clusters that you onboarded to Webex Cloud-Connected UC, enable Deployment Insights service. For more information, see Enable or disable Webex Cloud-Connected UC services in Control Hub.

  • Configure LDAP server search. The LDAP credentials are retrieved from the Unified CM LDAP search configuration page for contact synchronization. For more information, see Configure LDAP server search.
    If you don't validate the on-premise configurations for LDAP, the LDAP contact synchronization is not initiated.

Lightweight Directory Access Protocol (LDAP) synchronization helps you to provision and configure end users for your system.

If you wish to use Unified CM configuration, do the following:

1

Set the LDAP server Directory Type to Microsoft AD or Open LDAP server on the Unified CM.

2

Provide the LDAP search configuration:

  • LDAP server Username

  • LDAP server Password

  • LDAP server Search Base

  • LDAP server Search filter

  • UC Directory Profile tagged as Primary

By default, the entity type is Contacts.
For more information, see Configure LDAP synchronization

If you wish to customize the configuration in Control Hub, do the following:

1

Configure the LDAP server search page on Unified CM and provide the following:

  • LDAP server Username

  • LDAP server Password

2

Add one or more UC Directory profile.

3

Specify the LDAP server directory type explicitly in Control Hub user interface.

4

Specify the LDAP server Entity Type as Users or Contacts in the Control Hub user interface.

5

Specify the UC service profile as one of the directory profiles created in step 2.

6

Specify the LDAP server search base.

7

Specify the LDAP server search filter.

For more information, see Configure LDAP synchronization
1

From the Control Hub dashboard, Go to Updates and Migration.

2

Select the User/Contact Sync tile and click Go to Settings under Prerequisites.

The Settings page appears.

3

Configure either the Unified CM or the LDAP server for user synchronization function. Select the details from the following sections:

  • Unified CM end-user list—Configure rules for Control Hub to identify users in the Unified CM database into end users and contacts

    Field Name

    Description

    Rules to identify contacts and users

    Check any of the following check boxes to identify Org contacts from Unified CM. This option allows separating contacts from the users as the Unified CM users may contain both users and contacts. You can set rules to distinguish contacts from users:

    • Synchronize all records as contacts.

    • Synchronize all records as users.

    • Custom

    If the selected option is Custom, the tool provides options to classify the Unified CM end-user record as contact. Rest of the identities are considered as Users.

    Select at least one identification rule to proceed.

    • Not synced from the LDAP server to Unified CM database.

    • Manager user ID is missing.

    • No device is associated.

    • Department ID is missing.

    • Department ID contains a string.

    • User ID contains a string.

    Import

    Choose the toggle to enable or disable synchronization of contacts or users from Unified CM to Webex.

    • Import Users—This includes all records that are identified as users from the Unified CM end-user list. It's based on the rules set on the card.

      When the Directory Connector is enabled, the Import Users toggle is disabled. So, you cannot perform user synchronization.

      You can only sync users from one source either Unified CM or LDAP and the selection is final.

    • Import Contacts—This includes all records that are identified as contacts from the Unified CM end-user list. The contacts include lobby phones, hunt groups, organizational contacts that the administrator configures. It is based on the rules set on the card.

    Select the Cluster

    Choose a cluster to migrate the contacts or users.

    Periodic audit

    Allows to peridically audit Unified CM end users list and Webex data to make sure it synchronizes every 7 days.

    Set time—Use this field to change the default audit interval

    Any changes to users and/or contacts on Unified CM, updates to webex within a couple of hours.

  • LDAP server—Choose these settings to synchronize users and contacts from the LDAP server to Webex. You can Synchronize contacts from both Unified CM and LDAP server, but users could be synchronized from one source - Unified CM or LDAP server. Once this source is selected, it can't be changed for this Org.

    You can only sync users from one source either Unified CM or LDAP and the selection is final.

    Field Name

    Description

    LDAP Periodic sync

    Enable or disable synchronization from the LDAP server.

    Periodic synchronization

    Allows to periodically synchronize all users and/or contacts from LDAP server to Webex.

    Add Configuration

    Choose a cluster filter to synchronize contacts and/or users. Control Hub LDAP server supports multiple configurations for the clusters. Click Add Configuration to configure LDAP server related configurations. The Control Hub LDAP server uses the Unified CM LDAP search credentials connect to LDAP server.

    • Cluster name—Select the cluster name.

    • Configuration—Choose from the two modes - Use Unified CM LDAP search and Custom Filter.

      1. Use Unified CM LDAP search - Allows tool to pick up the Unified CM LDAP search configuration to sync contacts.
      2. Custome Filter - Allows tool to sync users and contacts. It also allows users to define the synchronization settings.

      • LDAP system—Choose OpenLDAP or Microsoft AD as Source LDAP server.

        Open LDAP when we use metadirectory such as Recos.

      • Synchronization type—Select the type of sync either user or contact.

        If you have already selected users synchronization from Unified CM settings or User sync through Directory connector is configured, then User sync option will not be available here.

      • Custom Filter—Custom filter for users or contact synchronization.

      • LDAP Search Base—LDAP server search base for user or contact synchronization.

        An admin can add up to three search bases separated by "&&".

      • UC Directory Service Profile—Select one of the Unified CM configured UC Service of Type Directory.

4

Click Save and proceed. The Pending for sync section appears.

Synchronizing organizational contacts is now an automated process. Webex Cloud-Connected UC can sync contacts from Unified CM or the LDAP server to Webex. This functionality does not require manual upload of CSV file, which was cumbersome and error prone.

You can choose to synchronize data from a single cluster or all clusters. The rules for synchronizing data depend on the configurations set in the Settings page. You can change the rules, if necessary and it applies from the next synchronization task.

On synchronize the organizational contacts data, the following displays:

Identities

Description

Contacts to be synced

Total number of contacts that are ready to be synchronized to Webex.

Contacts already in Webex

Total number of contacts that are already synchronized to Webex.

Users to be synchronized

Total number of users ready to be synchronized to Webex.

User Exists in Webex

Total number of users who are already synchronized to Webex.

When syncing users and/or contacts from Unified CM, you can review the records and use the inline editing option to change the imported data. Click Review Unified CM Records.

This option is not available for LDAP synchronization and only available for Unified CM based users and/or contacts synchronization.
Review the user data before you start the synchronization. Use this screen to fix any errors for the identities. This table displays only active users.

The following procedure is not applicable when Directory connector are enabled as user synchronization cannot be done.

1

In the Review users before synchronization page, review the details regarding issues and fix them, if any.

The list of issues are as follows:

  • Invalid email: This is an error. Invalid email IDs refer to incomplete ID or duplicate ID. You cannot sync users with invalid email IDs. Fix the error in the email ID or you can remove the contact details. You can fix the invalid email IDs from the Summary page.

  • Missing telephone number/extension: This is a warning. You can sync users without phone number or extension and it is not mandatory to fix this error. You cannot add the missing phone number or extension details from Control Hub.

  • User Exists in Webex: You cannot synchronize users who are already in Webex. If the users exist in Webex, the tool updates the user details.

Use the search field to search for the identities and sort them based on the filters.

2

Click Change user/contact rule to change the rules from the Settings page.

3

Select a user or contact from the list to make any changes to the identity. You can move the user or contact or remove from the contact sync list.

4

You can export the list to a CSV file to manually edit any information and later import the updated file. Click Actions to perform the following tasks:

  • Export these rows: Choose this option to export all the available records.
  • Import updated file: Choose this option if you want to view the updated file details.
  • Reset user list : Choose this option if you want to clear the existing user list details and update it again on the Summary page.
5

Click Next. Displays the Review contacts before synchronization page.

6

In the Review contacts before synchronization page, you can perform the same set of tasks such as Search, Sort, Edit Settings, and Change user/ Contact Rules. Review the details about issues and fix them, if any.

The list of issues are as follows:

  • Invalid display name: This is an error. The display name should not be empty.

  • Contacts with no information: This is a warning. It is not mandatory to fix the records with no contact information to allow synchronization but contacts with no information will not be synced to Webex. Export and edit all the affected contacts and upload them back to fix the warning.

  • Already in Webex: You cannot synchronize contacts who are already in Webex. If Display name AND Email ID AND Telephone number of the synced contact is same as an existing Webex contact, then contact info will be updated in Webex, else new contact will be created in Webex.

Use the search field to search for the identities and sort them based on the filters.

7

Click Next.

The Summary page appears.

The summary page lists the error and warning messages for the selected users and contacts. It also provides you with the necessary suggestions and solutions to resolve them. Resolve the errors before you proceed. However, you can ignore the warnings.

  • You can also remove the identities (user or contact) with errors and proceed. The removed identities are added back to the unsynchronized list.

  • The errors and warnings can be downloaded.

To resolve the user errors, click View Users and select Remove from sync list.

To resolve errors with the contacts, click View Contacts and select Remove from sync list.

When you use the Remove from sync list option to remove users in the Summary page, the user sync count on Control Hub isn't updated.

You can view the count of these invalid identities:

  • Users with invalid email IDs.

  • Contacts with incorrect display name.

  • User already exists in Webex and they can't be synced.

  • Users with missing telephone number/extension.

  • Contacts with missing telephone number/extension.

The users and contact details in the review wizard is reverted when the settings page is updated.

Export updated records- we recommend updating the Unified CM contact list for any changes that are made to the records. Click Export list, to download the updated records and manually update them in Unified CM.

The Synchronization tab lists all the synchronization operations that have been done thus far. You can view the following columns:

  • Status

  • Last updated on

  • Total contacts

  • Failed contacts

  • Total users

  • Failed users

  • Initiated by

  • Type

In the Logs page, review the message in the System failure column and fix the error. The following table lists the different error scenarios and how to fix them.

Error Scenario

Message on the User Interface

Resolution

Unable to connect to the LDAP server.

LDAP Communication Error

Check if the IP address and port are configured correctly in the Directory Profile on the Unified CM, and reachable from the Publisher.

Unable to establish a TLS connection

LDAP Certificate Error

Check if the LDAP certificate is Certificate Authority (CA) signed.

Unable to connect to LDAP due to wrong credentials.

LDAP Authentication Error

Check if the correct credentials are provided on the Unified CM LDAP configuration page.

Unable to fetch data due to wrong LDAP search base.

LDAP Search Base Error

Check if the correct LDAP search base is provided in Control Hub or the Unified CM configuration page, depending on the mode.

Unable to fetch data due to timeout.

LDAP Timeout Error

Check the timeout configured in the LDAP (DirSync) service parameter on the Unified CM publisher.

Distinguished Names (DNs) are missing in the CSV data.

LDAP Mismatch Error

Check if the customer has configured the correct LDAP type in Control Hub UI.

Any other error.

LDAP Internal Error

Contact Cisco TAC support.