62 Chapter 5 Using Directory SynchronizationCallPilot server in one synchronization session, saving the administratorfrom spending time manually entering the information.• A large corporation has an AD server containing thousands of users. Aswell, they have CallPilot servers located in various places throughoutthe corporation. With Directory Synchronization, a single administratorcan add, update, and remove CallPilot users in multiple locations from acentral AD.Directory Synchronization can synchronize with an Active Directory runningon Windows 2000 Server (Standard and Advanced Editions) or WindowsServer 2003, Standard and Enterprise Editions.Data is always driven from the Active Directory to CallPilot. The ActiveDirectory is also referred to as the "external directory" in this document.Defining the Active Directory requirementsBefore you configure Directory Synchronization, you must ask the ActiveDirectory Administrator for an administrator account which includes username and password. The AD administrator must delegate control to thisuser account for the portion of the directory you are synchronizing, withthe following minimum permissions:• Read permissions to object class "users" (Windows 2000)• Read permissions to object class "users" and "inetOrgPerson" (Windows2003)• Write permissions to the LDAP attribute "otherMailbox", which has thedisplay name "E-mail Address (Others)"You require the following information about the Active Directory:• The FQDN. This is the Fully Qualified Domain Name of the ActiveDirectory server. The FQDN is usually the computer name plus theDomain Name System (DNS) suffix separated by dots. The easiest wayto find this information is to ping the computer name. The figure showsthe FQDN being returned as willim-r220110.ca.nortel.com.Nortel CallPilotAdministrator GuideNN44200-601 01.11 Standard5.0 9 November 2007Copyright © 2007, Nortel Networks.