Corporate Directory Integration with Cisco Unified Communications Manager
From DocWiki
This section provides information on integrating Cisco Unified Communications Manager and Active Directory. The users defined in Active Directory are synchronized into the Unified CM database, while application users are stored only in the Unified CM database and need not be defined in Active Directory.
Creating Service Account in Active Directory
A service account is created in AD that allows the CM sync agreement to connect and authenticate to it. In this case, the Administrator account is used.
Configuring Cisco Unified Communications Manager Administration LDAP System
You can make changes to LDAP Directory information and LDAP Authentication settings only if synchronization from the customer LDAP directory is enabled in the LDAP System Configuration page. To access the LDAP System Configuration page, choose System > LDAP > LDAP System from the Cisco Unified Communications Manager Administration application.
The following table shows how LDAP System is configured in the Cisco Unified Communications Manager Administration page.
| Field | Setting |
| Enable Synchronizing from LDAP Server | Yes |
| LDAP Server Type | Microsoft Active Directory |
| LDAP Attribute for User ID | sAMAccountName |
Creating a New Directory Replication Agreement
Choose System > LDAP > LDAP Directory and click Add New to add a new Directory Replication Agreement.
The following table shows how the LDAP Directory is configured in the Cisco Unified Communications Manager Administration page.
| Field | Setting |
| LDAP Directory Information | |
| LDAP Configuration Name | AD |
| LDAP Manager Distinguished Name | cn=Administrator,cn=Users,dc=cdg,dc=com |
| LDAP Password | Enter a password for the LDAP Manager. |
| Confirm Password | Reenter the password that you provided in the LDAP Password field. |
| LDAP User Search Base | cn=Users,dc=cdg,dc=com |
| LDAP Directory Synchronization Schedule | |
| Perform Sync Just Once | Yes |
| User Fields To Be Synchronized | |
| Cisco Unified Communications Manager User Fields | LDAP User Fields |
| User ID | sAMAccountName |
| Middle Name | middleName |
| Manager ID | manager |
| Phone Number | telephoneNumber |
| First Name | givenName |
| Last Name | sn |
| Department | department |
| Mail ID | |
| LDAP Server Information | |
| Host Name or IP Address for Server | Enter the host name or IP address of the LDAP server. For example, 10.10.30.10. Enter the LDAP server address for CDG. |
| LDAP Port | 389 |
| Use SSL | No |
Synchronizing the Users in AD to Cisco Unified Communications Manager
Choose System > LDAP > LDAP Directory and click the AD configuration setting. Then go to the bottom of the LDAP Directory page and click the Perform Full Sync Now button to force a manual sync of the users in AD to Cisco Unified Communications Manager.
Once the sync finishes, choose User Management > Endusers. You can now see the users that were synched from AD in the Cisco Unified Communications Manager DB with an active LDAP status.
Configuring LDAP Authentication
The LDAP Authentication configuration ensures that the users are authenticated against the Active Directory and no longer against the Cisco Unified Communications Manager DB. To configure LDAP authentication, choose System > LDAP > LDAP Authentication.
The following table shows the LDAP Authentication configuration settings.
| Field | Setting |
| LDAP Authentication for End Users | |
| Use LDAP Authentication for End Users | Yes |
| LDAP Manager Distinguished Name | cn=Administrator,cn=Users,dc=CDG,dc=com |
| LDAP Password | Enter a password for the LDAP Manager. |
| Confirm Password | Reenter the password that you provided in the LDAP Password field. |
| LDAP User Search Base | cn=Users,dc=cdg,dc=com |
| LDAP Server Information | |
| Host Name or IP Address for Server | Enter the host name or IP address where you installed the corporate directory. For example, 10.10.30.10. Enter the LDAP server address for CDG. |
| LDAP Port | 389 |
| Use SSL | No |
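Both tables above leave Use SSL at No on port 389, so the bind that carries the LDAP Manager password and, once LDAP Authentication is enabled, each end user's password is not encrypted in transit. The following Python is an added example, not part of the original page and not Cisco code: it builds the LDAPv3 simple BindRequest (RFC 4511) for the Manager DN and gives a sensor-side classifier for such binds. It assumes the connection uses a simple bind; the function names and the password are constructed for illustration.

```python
# Added example, not Cisco code. BER encoding per RFC 4511 (LDAPv3).
def _len(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _tlv(tag, value):
    return bytes([tag]) + _len(len(value)) + value

def encode_simple_bind(msg_id, dn, password):
    """LDAPMessage { messageID, BindRequest { version 3, name, simple [0] } }."""
    if not 0 < msg_id < 128:
        raise ValueError("only one-byte message IDs are encoded here")
    bind = (_tlv(0x02, b"\x03")               # version INTEGER 3
            + _tlv(0x04, dn.encode())         # name: the bind DN
            + _tlv(0x80, password.encode()))  # simple auth: the raw password bytes
    return _tlv(0x30, _tlv(0x02, bytes([msg_id])) + _tlv(0x60, bind))

def _read(buf, pos):
    """Return (tag, value, next_pos) for the TLV that starts at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                          # long-form length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def classify_bind(pdu):
    """Sensor-side check: (bind DN, auth kind, credential present) or None."""
    tag, msg, _ = _read(pdu, 0)
    if tag != 0x30:
        return None
    _, _, pos = _read(msg, 0)                 # skip messageID
    op, body, _ = _read(msg, pos)
    if op != 0x60:                            # not a BindRequest
        return None
    _, _, pos = _read(body, 0)                # skip version
    _, name, pos = _read(body, pos)
    auth, cred, _ = _read(body, pos)
    kind = {0x80: "simple", 0xA3: "sasl"}.get(auth, "unknown")
    return name.decode(), kind, len(cred) > 0

# Constructed sample: DN from the tables above, password invented for the demo.
MANAGER_DN = "cn=Administrator,cn=Users,dc=cdg,dc=com"
SAMPLE_PDU = encode_simple_bind(1, MANAGER_DN, "Constructed-Pass1")
print(classify_bind(SAMPLE_PDU), b"Constructed-Pass1" in SAMPLE_PDU)
```

With Use SSL set to Yes against the directory's LDAPS port (636 by default on Active Directory), the same PDU travels inside TLS and a passive sensor no longer sees it.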