Cisco Unified CallManager Administration Guide, Release 5.0(2)
LDAP Directory Configuration
Downloads: This chapterpdf (PDF - 180.0KB) The complete bookPDF (PDF - 6.7MB) | Feedback

LDAP Directory Configuration

Table Of Contents

LDAP Directory Configuration

Finding an LDAP Directory

Configuring an LDAP Directory

LDAP Directory Configuration Settings

Deleting an LDAP Directory

Related Topics


LDAP Directory Configuration


Directory configuration takes place in three related windows:

LDAP System

LDAP Directory

LDAP Authentication

Changes to LDAP Directory information and LDAP Authentication settings are possible only if synchronization from the customer's LDAP directory is enabled in the Cisco Unified CallManager Administration LDAP System window.

Use the following topics to configure LDAP directory information:

Finding an LDAP Directory

Configuring an LDAP Directory

Related Topics

Deleting an LDAP Directory

For more information, see the "Related Topics" section.

Finding an LDAP Directory

Use the following procedure to locate LDAP directory configurations.


Note During your work in a browser session, Cisco Unified CallManager Administration retains your LDAP directory search preferences. If you navigate to other menu items and return to this menu item, Cisco Unified CallManager Administration retains your LDAP directory search preferences until you modify your search or close the browser.


Procedure


Step 1 Choose System > LDAP > LDAP Directory.

The Find and List LDAP Directories window displays. Use the two drop-down list boxes to search for a LDAP directory.

Step 2 From the first Find LDAP Directory where drop-down list box, choose one of the following criteria:

LDAP Configuration Name

LDAP Manager Distinguished Name

LDAP User Search Base

From the second Find LDAP Directory where drop-down list box, choose one of the following criteria:

begins with

contains

is exactly

ends with

is empty

is not empty

Step 3 Specify the appropriate search text, if applicable, and click Find. You can also specify how many items per page to display.


Tip To find all LDAP directories that are registered in the database, click Find without entering any search text.


A list of discovered LDAP directories displays by

LDAP Configuration Name

LDAP Manager Distinguished Name

LDAP User Search Base

Step 4 From the list of records, click the LDAP directory name that matches your search criteria.

The window displays the LDAP directory that you choose.


Additional Information

See the "Related Topics" section.

Configuring an LDAP Directory

This section describes how to add or update information about an LDAP directory that is used to synchronize user data with the Cisco Unified CallManager Administration database.

Procedure


Step 1 Choose System > LDAP > LDAP Directory.

The Find and List LDAP Directories window displays.

Step 2 Perform one of the following tasks:

To add new information about an LDAP directory, locate the appropriate directory as described in the "Finding an LDAP Directory" section, click the Add New button, and continue with Step 3.

To update existing information about an LDAP directory, locate the appropriate directory as described in the "Finding an LDAP Directory" section and continue with Step 3.

Step 3 Enter the appropriate settings as described in Table 13-1.

Step 4 Click Save.

The new LDAP directory gets added or updated to the Cisco Unified CallManager database.


Additional Information

See the "Related Topics" section.

LDAP Directory Configuration Settings

Table 13-1 describes the LDAP directory configuration settings. For related procedures, see the "Related Topics" section.

Table 13-1 LDAP Directory Configuration Settings 

Field
Description
LDAP Directory Information

LDAP Configuration Name

Enter a unique name (up to 40 characters) for the LDAP directory.

LDAP Manager Distinguished Name

Enter the user ID (up to 128 characters) of the LDAP Manager, who is an administrative user that has access rights to the LDAP directory in question.

LDAP Password

Enter a password (up to 128 characters) for the LDAP Manager.

Confirm Password

Re-enter the password that you provided in the LDAP Password field.

LDAP User Search Base

Enter the location (up to 256 characters) where all LDAP users exist. This location is a container or a directory. This information varies depending on customer setup.

LDAP Directory Synchronization Schedule

Perform Sync Just Once

If you want to perform synchronization of the data in this LDAP directory with the data in the Cisco Unified CallManager database only once, check this check box.

Perform a Re-sync Every

If you want to perform synchronization of the data in this LDAP directory with the data in the Cisco Unified CallManager database at a regular interval, use these fields.

In the left field, enter a number. In the drop-down list box, choose a value:

hours

days

weeks

months

Note This field is active only if you do not check the Perform Sync Just Once check box.

Next Re-sync Time
(YYYY-MM-DD hh:mm)

Specify a time to perform the next synchronization of Cisco Unified CallManager directory data with this LDAP directory. Use a 24-hour clock to specify the time of day. For example, 1:00 pm is 13:00.

User Fields To Be Synchronized
Cisco Unified CallManager User Fields
LDAP User Fields
 

User ID

sAMAccountName

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Middle Name

(drop-down list box)

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

middleName

initials

Manager ID

manager

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Phone Number

(drop-down list box)

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

telephoneNumber

ipPhone

First Name

givenName

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Last Name

sn

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Department

department

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Mail ID

(drop-down list box)

For these fields, the Cisco Unified CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

mail

sAMAccountName

LDAP Server Information

Host Name or IP Address for Server

Enter the host name or IP address of the server where the data for this LDAP directory resides.

LDAP Port

Enter the port number on which the corporate directory receives the LDAP requests.

Default LDAP port for Microsoft Active Directory and for Netscape Directory specifies 389. Default LDAP port for Secured Sockets Layer (SSL) specifies 636.

Note You can only access this field if LDAP authentication for end users is enabled.

Use SSL

Check this check box to use Secured Sockets Layer (SSL) encryption for security purposes.

Note You can only access this field if LDAP authentication for end users is enabled.

Add Another Redundant LDAP Server

Click this button to add another row for entry of information about an additional server.


Deleting an LDAP Directory

This section describes how to delete an LDAP directory in Cisco Unified CallManager Administration.

Before You Begin

When you delete an LDAP directory, Cisco Unified CallManager removes information about that directory from the database.


Note You can delete multiple LDAP directories from the Find and List LDAP directories window by checking the check boxes next to the appropriate LDAP directories and clicking Delete Selected. You can delete all LDAP directories in the window by clicking Select All and then clicking Delete Selected.


Procedure


Step 1 Find the LDAP directory that you want to delete by using the procedure in the "Finding an LDAP Directory" section.

Step 2 Click the name of the LDAP directory that you want to delete.

The LDAP directory that you chose displays.

Step 3 Click Delete.

You receive a message that asks you to confirm the deletion.

Step 4 Click OK.

The window refreshes, and the LDAP directory gets deleted from the database.


Additional Information

See the "Related Topics" section.

Related Topics

LDAP Directory Configuration

Finding an LDAP Directory

Configuring an LDAP Directory

Deleting an LDAP Directory

Understanding the Directory, Cisco Unified CallManager System Guide

LDAP System Configuration, page 12-1

LDAP Authentication Configuration, page 14-1

Application Users and End Users, Cisco Unified CallManager System Guide

Application User Configuration, page 86-1

End User Configuration, page 87-1