Cisco Unified Communications Manager (CallManager)

Active Directory Patch for CallManager with Exchange 2000 Already Installed

Document ID: 44142

Updated: Mar 30, 2005



There is a known issue when integrating Cisco CallManager with Microsoft Windows 2000 Active Directory (AD) when Microsoft Exchange 2000 is already installed. This issue may occur when a labeledURI schema object with an lDAPDisplayName of labeledURI already exists in the AD.



Before attempting this configuration, ensure that you meet these requirements:

Components Used

The information in this document is based on these software and hardware versions:

  • Cisco CallManager

  • Microsoft Windows 2000 AD

  • Microsoft Exchange 2000

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Related Products

This configuration can also be used with these hardware and software versions:

  • Cisco Unity with Exchange 2000


For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Main Task

Step-by-Step Instructions

Follow these steps to perform the configuration:

Note: These steps also apply to an environment where Cisco CallManager exists before Exchange 2000 is installed in AD, and the Exchange 2000 installation fails.

  1. Determine the Windows 2000 Domain Controller holding the schema master by issuing the netdom query fsmo command. Note the value that is returned for Schema owner, and then close the command prompt. Perform the tasks described below on the schema owner.


  2. Expand the W2k_iop_kit.exe file, and then extract the files to C:\Inetorg. You may have to create the C:\Inetorg folder.

  3. On a Windows 2000 Server-based computer that is running as a domain controller, choose Start > Run, then type ldp and press Enter.

  4. In LDP, click Connection, and then click Connect. In the new Connect window, enter the server name or IP address, and leave port as 389. Leave connectionless unchecked.

  5. Determine the rootDomainNamingContext value.


  6. Open C:\InetOrg\Exchange.ldf in Notepad. On every line that has DC=X, replace X with the information above. In this example it would be DC=rcdnevt,DC=com.

  7. Save the document.


  8. Copy the modified Exchange.ldf file to the drive:\Winnt\System32 folder on the domain controller that is running as the schema owner, where drive is the drive on which Windows is installed. On the Cisco ICS 7700 Series Integrated Communication Systems, the folder is c:\w2ks\system32.

  9. Go to the command prompt and issue the ldifde -i -f c:\winnt\system32\exchange.ldf command.

    This is an example output:


  10. Each AD schema is configured differently. In the example above, CN=ms-Exch-Assistant-Name,CN=Schema,CN=Configuration,DC=rcdnevt,DC=com already exists, and line 5 of the exchange.ldf cannot be imported. As a result, the section that begins on line 5 has been deleted. Note that each section begins with dn:.

  11. The output below shows the command ldifde -i -f c:\winnt\system32\exchange.ldf -v being issued again, with similar output. Because the error is on line 6, delete the section starting at line 6, as shown here:


  12. Repeat Steps 9 and 10 as needed.

  13. The output of a successful import is shown here:


  14. You can now integrate Cisco CallManager with AD.


If the plug-in installation failed, check these two files and their respective error messages:

  1. c:\DCDSrvr\log\at_schema_reject.txt

    # Error: DSA is unwilling to perform
    dn: cn=labeledURI,cn=Schema,cn=Configuration,dc=rcdnevt,dc=com
    changetype: add
    adminDisplayName: labeledURI
    attributeID: 1.2.840.113548.
    cn: labeledURI
    isSingleValued: FALSE
    lDAPDisplayName: labeledURI
    distinguishedName: cn=labeledURI,cn=Schema,cn=Configuration,dc=rcdnevt,dc=com
    objectCategory: cn=Attribute-Schema,cn=Schema,cn=Configuration,dc=rcdnevt,dc=com
    objectClass: top
    objectClass: attributeSchema
    oMSyntax: 20
    name: labeledURI
  2. c:\DCDSrvr\log\ad_cfg_error.log

    ldap_add: DSA is unwilling to perform
    ldap_add: additional info: 000020BE: SvcErr: DSID-0326027D, problem 5003 (WILL_NOT_PERFORM),
     data 8382


There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Mar 30, 2005
Document ID: 44142