Corporate Directory Integration with Cisco Unified Communications Manager

From DocWiki


This section describes how to integrate Cisco Unified Communications Manager (Unified CM) with Active Directory (AD). Users defined in Active Directory are synchronized into the Unified CM database, while application users are stored only in the Unified CM database and need not be defined in Active Directory.


Creating Service Account in Active Directory

A service account is created in AD so that the Unified CM synchronization agreement can connect and authenticate to the directory. In this case, the Administrator account is used.

Configuring Cisco Unified Communications Manager Administration LDAP System

You can change LDAP Directory information and LDAP Authentication settings only if synchronization from the customer LDAP directory is enabled on the LDAP System Configuration page. To access the LDAP System Configuration page, choose System > LDAP > LDAP System in the Cisco Unified Communications Manager Administration application.

The following table shows how LDAP System is configured in the Cisco Unified Communications Manager Administration page.

Field                                   Setting
Enable Synchronizing from LDAP Server   Yes
LDAP Server Type                        Microsoft Active Directory
LDAP Attribute for User ID              sAMAccountName

Creating a New Directory Replication Agreement

Choose System > LDAP > LDAP Directory and click Add New to add a new Directory Replication Agreement.

The following table shows how the LDAP Directory is configured in the Cisco Unified Communications Manager Administration page.

Field                                               Setting

LDAP Directory Information
LDAP Configuration Name                             AD
LDAP Manager Distinguished Name                     cn=Administrator,cn=Users,dc=cdg,dc=com
LDAP Password                                       Enter a password for the LDAP Manager.
Confirm Password                                    Reenter the password that you provided in the LDAP Password field.
LDAP User Search Base                               cn=Users,dc=cdg,dc=com

LDAP Directory Synchronization Schedule
Perform Sync Just Once                              Yes

User Fields To Be Synchronized
Cisco Unified Communications Manager User Fields    LDAP User Fields
User ID                                             sAMAccountName
Middle Name                                         middleName
Manager ID                                          manager
Phone Number                                        telephoneNumber
First Name                                          givenName
Last Name                                           sn
Department                                          department
Mail ID                                             mail

LDAP Server Information
Host Name or IP Address for Server                  Enter the host name or IP address of the LDAP server. For example, 10.10.30.10. Enter the LDAP server address for CDG.
LDAP Port                                           389
Use SSL                                             No

Synchronizing the Users in AD to Cisco Unified Communications Manager

Choose System > LDAP > LDAP Directory and click the AD configuration setting. Then go to the bottom of the LDAP Directory page and click the Perform Full Sync Now button to force a manual synchronization of the users in AD to Cisco Unified Communications Manager.

Once the sync finishes, choose User Management > Endusers. You can now see the users that were synchronized from AD in the Cisco Unified Communications Manager DB with an active LDAP status.

Configuring LDAP Authentication

The LDAP Authentication configuration ensures that the users are authenticated against the Active Directory and no longer against the Cisco Unified Communications Manager DB. To configure LDAP authentication, choose System > LDAP > LDAP Authentication.

The following table shows the LDAP Authentication configuration settings.

Field                                               Setting

LDAP Authentication for End Users
Use LDAP Authentication for End Users               Yes
LDAP Manager Distinguished Name                     cn=Administrator,cn=Users,dc=CDG,dc=com
LDAP Password                                       Enter a password for the LDAP Manager.
Confirm Password                                    Reenter the password that you provided in the LDAP Password field.
LDAP User Search Base                               cn=Users,dc=cdg,dc=com

LDAP Server Information
Host Name or IP Address for Server                  Enter the host name or IP address where you installed the corporate directory. For example, 10.10.30.10. Enter the LDAP server address for CDG.
LDAP Port                                           389
Use SSL                                             No
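
The settings above bind as the built-in Administrator over port 389 with Use SSL set to No, so the manager password (and, once LDAP authentication is enabled, end-user passwords) crosses the network in an unencrypted simple bind. The following check is an added example, not Cisco code or part of the original page: it audits a synchronization and an authentication agreement for those two conditions and for a search-base mismatch. The dictionary keys and the svc-cucm-ldap account name are assumptions made for illustration.

```python
# Added example, not Cisco code. The dict keys are this example's own names
# for the table fields, not Unified CM API identifiers.
CLEAR_PORTS = {389, 3268}   # LDAP / Global Catalog without TLS
TLS_PORTS = {636, 3269}     # LDAPS / Global Catalog over TLS

def norm_dn(dn):
    """Normalize a DN for comparison (DN matching is case-insensitive).
    Simplification: assumes RDN values contain no escaped commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def audit(name, cfg):
    """Return (agreement, finding) tuples for one LDAP agreement."""
    found = []
    if not cfg["use_ssl"]:
        # Simple bind without TLS exposes the bind DN and password on the wire.
        found.append((name, "cleartext-bind"))
    if cfg["use_ssl"] and cfg["port"] in CLEAR_PORTS:
        found.append((name, "ssl-enabled-on-cleartext-port"))
    if not cfg["use_ssl"] and cfg["port"] in TLS_PORTS:
        found.append((name, "tls-port-without-ssl"))
    if norm_dn(cfg["manager_dn"]).startswith("cn=administrator,"):
        # Sync and authentication only need read access to the search base.
        found.append((name, "builtin-administrator-as-bind-account"))
    return found

def audit_pair(sync, auth):
    """Audit both agreements; users synced from one base must be findable
    under the authentication search base."""
    found = audit("sync", sync) + audit("auth", auth)
    if norm_dn(sync["search_base"]) != norm_dn(auth["search_base"]):
        found.append(("pair", "search-base-mismatch"))
    return found

# Values as shown in the tables above.
PAGE_SYNC = {"host": "10.10.30.10", "port": 389, "use_ssl": False,
             "manager_dn": "cn=Administrator,cn=Users,dc=cdg,dc=com",
             "search_base": "cn=Users,dc=cdg,dc=com"}
PAGE_AUTH = dict(PAGE_SYNC, manager_dn="cn=Administrator,cn=Users,dc=CDG,dc=com")

# Constructed alternative: svc-cucm-ldap is a hypothetical read-only account.
HARDENED = dict(PAGE_SYNC, port=636, use_ssl=True,
                manager_dn="cn=svc-cucm-ldap,cn=Users,dc=cdg,dc=com")

if __name__ == "__main__":
    for finding in audit_pair(PAGE_SYNC, PAGE_AUTH):
        print(finding)
    print(audit_pair(HARDENED, HARDENED))  # no findings
```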
