Cisco Unified Presence, Release 7.x -- How to Integrate the LDAP Directory with Cisco Unified Communications Manager




Secure Connection Between Cisco Unified Communications Manager and the LDAP Directory

You can secure the connection between the Cisco Unified Communications Manager server and the LDAP directory server by enabling a Secure Socket Layer (SSL) connection for the LDAP server on Cisco Unified Communications Manager, and uploading the SSL certificate to Cisco Unified Communications Manager. You must upload the LDAP SSL certificate as a directory trust certificate on Cisco Unified Communications Manager.


After you upload the LDAP SSL certificate, you need to restart the following services on Cisco Unified Communications Manager:

  • Directory service
  • Tomcat service


See the Cisco Unified Communications Manager documentation for details on uploading a certificate to Cisco Unified Communications Manager.


Related Topics
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html


Configuring the LDAP Synchronization for User Provisioning

LDAP synchronization uses the Cisco Directory Synchronization (DirSync) tool on Cisco Unified Communications Manager to synchronize information (either manually or periodically) from a corporate LDAP directory. When the DirSync service is enabled, users are automatically provisioned from the corporate directory. The local database is still used, but the facility to create user accounts on Cisco Unified Communications Manager is disabled. You must manage user accounts using the LDAP directory interface.


Before You Begin
  • Make sure that the LDAP server is installed before you attempt the LDAP-specific configuration on Cisco Unified Communications Manager.
  • Activate the Cisco DirSync service on Cisco Unified Communications Manager.


Restrictions

LDAP synchronization does not apply to application users on Cisco Unified Communications Manager. You must manually provision application users in the Unified CM Administration interface.


Procedure
  1. Select Cisco Unified CM Administration > System > LDAP > LDAP System.
  2. Configure the LDAP server type and attribute.
  3. Enable synchronization of data from the LDAP server.
  4. Select Cisco Unified CM Administration > System > LDAP > LDAP Directory.
  5. Configure the following items:
    • LDAP directory account settings
    • User attributes to be synchronized
    • Synchronization schedule
    • LDAP server hostname or IP address, and port number
  6. Check Use SSL if you want to use Secure Socket Layer (SSL) to communicate with the LDAP directory.


Troubleshooting Tips
  • If you have configured LDAP over SSL, you must upload the LDAP directory certificate onto Cisco Unified Communications Manager.
  • See the LDAP directory content in the Cisco Unified Communications Manager SRND for information on the account synchronization mechanism for specific LDAP products, and general best practices for LDAP synchronization.


Related Topics
  • Cisco Unified Communications Manager SRND:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/7x/uc7_0.html
  • Cisco Unified Communications Manager Administration Guide:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html


What To Do Next

Configuring LDAP Authentication



Configuring LDAP Authentication

The LDAP authentication feature enables Cisco Unified Communications Manager to authenticate user passwords against the corporate LDAP directory.

Before You Begin

Enable LDAP synchronization on Cisco Unified Communications Manager.


Restrictions

LDAP authentication does not apply to the passwords of Application users; these are still authenticated against the Cisco Unified Communications Manager internal database.


Procedure
  1. Select Cisco Unified CM Administration > System > LDAP > LDAP Authentication.
  2. Enable LDAP authentication for users.
  3. Configure the LDAP authentication settings.
  4. Configure the LDAP server hostname or IP address, and port number.


Note: To use Secure Socket Layer (SSL) to communicate with the LDAP directory, check Use SSL.


Troubleshooting Tips

If you have configured LDAP over SSL, you must upload the LDAP directory certificate onto Cisco Unified Communications Manager.


What To Do Next

Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory



Configuring a Secure Connection Between Cisco Unified Presence and the LDAP Directory

This topic is only applicable if you have configured a secure connection between Cisco Unified Communications Manager and the LDAP directory.


Note: Perform this procedure on all Cisco Unified Presence nodes in the cluster.

Before You Begin

Enable SSL for LDAP on Cisco Unified Communications Manager, and upload the LDAP directory certificate to Cisco Unified Communications Manager.


Procedure
  1. Select Cisco Unified Operating System Administration > Security > Certificate Management.
  2. Select Upload Certificate.
  3. Select directory-trust from the Certificate Name menu.
  4. Browse and select the LDAP server certificate from your local computer.
  5. Select Upload File.
  6. Restart the Tomcat service on Cisco Unified Presence.
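
A pre-upload check for the LDAP server certificate selected in step 4, as an added example that is not part of the Cisco documentation. It assumes a PEM-encoded file and the openssl command line on the administrator's workstation; the function name, file name, host name and 30-day window are illustrative, and the hostname comparison is a general TLS check rather than a requirement stated on this page.

```shell
#!/bin/sh
# Added example: checks to run on the LDAP server certificate before uploading
# it as directory-trust. Assumes a PEM file and the openssl CLI (1.0.2 or later).

# check_ldap_cert FILE HOST [MIN_DAYS]
#   FILE      certificate exported from the LDAP server (PEM)
#   HOST      LDAP server hostname as entered in the LDAP Directory settings
#   MIN_DAYS  minimum remaining validity in days (default 30, an arbitrary choice)
# Returns 0 if all checks pass, 1 unreadable, 2 expiring, 3 name mismatch.
check_ldap_cert() {
    cert=$1
    host=$2
    min_days=${3:-30}

    # 1. The file must parse as an X.509 certificate (catches truncated files
    #    or a private key or CSR selected by mistake).
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "FAIL: $cert is not a readable PEM certificate"
        return 1
    fi

    # 2. It must stay valid for at least MIN_DAYS more days.
    if ! openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "FAIL: $cert expires within $min_days days"
        return 2
    fi

    # 3. It must name the configured host. The verdict is read from the output
    #    text rather than the exit status. For an IP address use -checkip instead.
    if ! openssl x509 -in "$cert" -noout -checkhost "$host" | grep -q 'does match'; then
        echo "FAIL: $cert does not name $host"
        return 3
    fi

    # 4. Print the details to compare, out of band, with what the directory
    #    administrator reports for the server certificate.
    openssl x509 -in "$cert" -noout -subject -issuer -enddate -fingerprint -sha256
    echo "OK: $cert passed the pre-upload checks"
}

# Usage: sh check_ldap_cert.sh ldap-server.pem ldap.example.test
if [ "$#" -ge 2 ]; then
    check_ldap_cert "$@"
fi
```

Run the same check before uploading the certificate to Cisco Unified Communications Manager, since both uploads use the same LDAP server certificate.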



What To Do Next

How to Integrate the LDAP Directory with Cisco Unified Personal Communicator
