Configuration Guide for Cisco Unified MeetingPlace Web Conferencing Release 5.3.
Configuring User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)

Table Of Contents

Configuring User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)

About User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)

Restricting the \MPWeb\Scripts Directory

Unprotecting the Cisco IP Phone Support Files

Restricting NTFS Access in the MPWeb Folder

Configuring the Web Server for Windows Authentication


Configuring User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)


This section describes how to configure user authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104). For information about how to configure user authentication for Release 5.3(235) or a later release, see Chapter 5, "Configuring User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(235) and Later Releases".

Topics in this section include:

About User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)

About User Authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104)

If you require users to log in to the Windows domain before accessing Cisco Unified MeetingPlace Web Conferencing, configure your web server for Windows authentication. This allows Cisco Unified MeetingPlace Web Conferencing to pass Windows login IDs to the web server for verification. When the web server receives this information, it compares Windows login IDs to Cisco Unified MeetingPlace user IDs for a match. If the two IDs match, users are automatically logged in to Cisco Unified MeetingPlace Web Conferencing. Users accessing a Windows authenticated server must have Microsoft Java Virtual Machine (JVM) installed on their client machines to access the meeting console.


Note To ease user ID synchronization, we recommend that you create all Cisco Unified MeetingPlace usernames as lowercase. Also, install Cisco Unified MeetingPlace Directory Services to synchronize Windows and Cisco Unified MeetingPlace IDs. For more information, contact your Cisco sales representative.


To configure user authentication in Cisco Unified MeetingPlace Web Conferencing Release 5.3(104), complete the following tasks in the order presented:

Stopping All Cisco Unified MeetingPlace Web Conferencing Services, page 2-2

Restricting the \MPWeb\Scripts Directory

(Optional) Unprotecting the Cisco IP Phone Support Files

Restricting NTFS Access in the MPWeb Folder

Configuring the Web Server for Windows Authentication

Restarting All Cisco Unified MeetingPlace Web Conferencing Services, page 2-2

Restricting the \MPWeb\Scripts Directory

Before You Begin

If your Cisco Unified MeetingPlace system includes the Cisco Unified MeetingPlace for Outlook integration, configure Cisco Unified MeetingPlace Web Conferencing to allow Outlook to authenticate before completing this procedure. For instructions, see the "Allowing Cisco Unified MeetingPlace for Outlook Authentication" section on page 5-3.

Stop the Cisco MeetingPlace Web Conferencing Service. For instructions, see the "Stopping All Cisco Unified MeetingPlace Web Conferencing Services" section on page 2-2.

Procedure


Step 1 From Start > Programs > Administrative Tools > Internet Services Manager, navigate to the virtual directory \MPWeb\Scripts.

Step 2 Right-click the \Scripts folder and choose Properties.

Step 3 From the Properties window, click the Files Security tab.

Step 4 From Anonymous Access and Authentication Control, click Edit.

Step 5 From the Authentication Methods window, uncheck Anonymous Access; then, complete one of the following:

If your company cannot use Integrated authentication (for example, your users do not use Windows), check Basic authentication.

If your company supports this option, check Integrated Windows authentication.

Step 6 Click OK; then, OK again to return to the Microsoft Management Console.

Step 7 Click Exit.

Step 8 Proceed to the next task in your configuration as follows:

If you are using Cisco IP phones with your Cisco Unified MeetingPlace Web Conferencing deployment, proceed to the "Unprotecting the Cisco IP Phone Support Files" section.

If you are not using Cisco IP phones with your Cisco Unified MeetingPlace Web Conferencing deployment, proceed to the "Restricting NTFS Access in the MPWeb Folder" section.


Unprotecting the Cisco IP Phone Support Files

Complete this procedure if you are using Cisco Unified MeetingPlace Directory Services, Cisco IP Phones, and Windows authentication. You must complete the following procedure for all of your 7960*.asp files.

Before You Begin

Complete the "Restricting the \MPWeb\Scripts Directory" section.

Use a profile with System Manager privileges when completing this procedure.

Procedure


Step 1 From the IIS Admin window, navigate to the \Scripts folder.

Step 2 Right-click a 7960*.asp script file and choose Properties.

Step 3 From the Properties window, click the Files Security tab.

Step 4 From Anonymous Access and Authentication Control, click Edit.

Step 5 From the Authentication Methods window, check Anonymous Access; then, check Integrated Windows authentication.

Step 6 Click OK; then, click OK again to return to the Microsoft Management Console.

Step 7 Repeat Step 1 through Step 6 with the rest of your 7960*.asp files until you have unprotected all of them.

Step 8 From Console, click Exit.

Step 9 Proceed to the "Restricting NTFS Access in the MPWeb Folder" section.


Restricting NTFS Access in the MPWeb Folder

Before You Begin

If you are using Cisco IP phones with your Cisco Unified MeetingPlace Web Conferencing deployment, complete the "Unprotecting the Cisco IP Phone Support Files" section.

If you are not using Cisco IP phones with your Cisco Unified MeetingPlace Web Conferencing deployment, complete the "Restricting the \MPWeb\Scripts Directory" section.

Procedure


Step 1 From Start > Programs > Windows Explorer, browse to the location of the MPWeb directory.

Step 2 Right-click the MPWeb directory and choose Properties.

Step 3 From the Security tab, click Permissions. Do not make any changes to the permissions list other than those described below:

Remove the Everyone and Anonymous access accounts.

Add the IUSR account, typically IUSR_hostname, where hostname is typically the server's hostname, that is, NetBIOS name.

Step 4 Add the group of users who are allowed to access Cisco Unified MeetingPlace and then click OK.

Step 5 Proceed to the "Configuring the Web Server for Windows Authentication" section.


Configuring the Web Server for Windows Authentication

Before You Begin

Complete the "Restricting NTFS Access in the MPWeb Folder" section.

Procedure


Step 1 Sign in to Cisco Unified MeetingPlace Web Conferencing.

Step 2 From the Welcome page, click Admin; then, Web Server.

Step 3 From the "View" section of the page, click the name of the web server that you want to configure.

Information about this web server populates the "Edit" section of the page.

Step 4 For Hostname, enter the hostname, IP address, or fully qualified domain name (FQDN) of this web server.


Note If you use an IP address or FQDN, you will be prompted for your Windows login information when you try to access Cisco Unified MeetingPlace Web Conferencing even if you are already logged on to your computer with your domain Windows account. This is due to the way the Windows OS and IIS deal with Windows authentication. For more information, including two workarounds, see the "Troubleshooting Problems with Improper Functionality of Windows Authentication" section on page 5-18.


Step 5 For Trust Web Server Authentication, choose Yes.

Step 6 Click Submit.

Step 7 Restart the Cisco MeetingPlace Web Conferencing Service.

For instructions, see the "Restarting All Cisco Unified MeetingPlace Web Conferencing Services" section on page 2-2.