Deployment Guide for Directory Connector

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents
Find Matches in This Book
Available Languages
Download Options

Book Title

Deployment Guide for Directory Connector

Chapter Title

Overview of Directory Connector

Results

Updated:
May 11, 2023

Chapter: Overview of Directory Connector

Overview of Directory Connector

Directory Connector Overview

Directory Connector is an on-premises application for identity synchronization in to the cloud. You download the connector software from Control Hub and install it on your local machine.

With Directory Connector, you can maintain your user accounts and data in the Active Directory, so Active Directory becomes the single source of truth. When you make a change on-premises, it is replicated to the cloud.

See all the features, descriptions, and benefits in the table:

Feature Description and Benefit
Easy-to-use dashboard The dashboard provides a synchronization schedule, summary, and status of synchronization, and the status of the Directory Connector. You can view the dashboard any time you sign in.
Dry run before synchronizing to the cloud Conduct a dry run of changes to the directory before they are implemented in the cloud. Then run a report to see that the changes you want to make are what you expect.
Full and incremental synchronization Synchronize the entire directory. Or just synchronize the incremental changes to save on processing power and shorten synchronization time.

Synchronize multiple domains (single forest or multiple forests)

Directory Connector supports multiple domains either under a single forest or under multiple forests (without the need for AD LDS). For enterprises with multiple Active Directory domains, you can install a Directory Connector for each domain, bind each domain to your organization, and then synchronize each user base into Webex. Control Hub reflects the status by showing the synchronization state for multiple Directory Connectors, allows you to turn off synchronization for a specific domain, and deactivate a Directory Connector in a high availability deployment.

Scheduled synchronization Set a synchronization schedule by day, hour, and minute.
Lightweight Directory Access Protocol (LDAP) filters Define LDAP search criteria and provide efficient imports.
Active Directory attribute mapping Map Microsoft Active Directory attributes to corresponding Webex cloud attributes. You can map attributes that are relevant to your Active Directory configuration and also define custom attributes to map to the cloud. The attributes from the premises form various data in the cloud, such as user account information, enteprise phone numbers in Webex Teams, Room resource SIP addresses, and other user contact card data (job title, department, manager, and so on).

Corporate Directory for on-premises Room resources and Cisco Webex Calling (Formerly Spark Call) (Cloud PSTN) Users and Enterprise Contacts without Webex Licensing

If part of your organization uses Cisco Webex Calling (Formerly Spark Call) cloud PSTN for call service or you have on-premises Room devices, this feature lets users search the directory for enterprise contacts from their Cisco Webex Calling (Formerly Spark Call) (cloud PSTN) phones or Room resources.

Room Resources
After you synchronize the room information, the on-premises room devices with a configured, mapped SIP address show up as searchable entries on cloud-registered room devices, such as a Cisco Webex Room Device or Cisco Webex Board.

When users do a search on a Cisco Webex Room Device or Cisco Webex Board, you'll see the synchronized room entries that are configured with SIP addresses. When they place a call from the Webex device on that entry, a call will be placed to the SIP address that was configured for the room.

Calling
Users can make calls to enterprise contacts in addition to Webex App contacts. Through Directory Connector, the enterprise users and their phone numbers are added to your Webex organization. They do not need to be licensed for Webex services for this feature to work.

Users that are not licensed for Webex will appear in the directory search performed from a Cisco Webex Calling (Formerly Spark Call) user's phone as long as there is a URI or a phone number synchronized to Webex through the Directory Connector. Calling functionality behaves the same for both types of users. This feature also provides edit dial functionality for contacts with only phone numbers.

In the contacts search result:

  • If contacts have a dialable URI (Webex SIP address) and phone number, the URI assocoiated with the contact is displayed.

  • If contacts do not have a dialable URI but do have a phone number, the phone number is shown. They also have an edit dial softkey.

  • If contacts have neither, they are not shown in the directory.

Event viewer Use the event viewer to determine if there were any issues with the synchronization.
Diagnostic Tool and Troubleshooting You can use the built in diagnostic tool to troubleshoot your Cisco Directory Connector deployment. If synchronization didn't work properly, you may have a configuration or network error. This tool tests your connection to Active Directory so that you can diagnose errors yourself before contacting support.

Once you enable troubleshooting in Directory Connector, logs are written that can be sent to technical support.

Automatic upgrade After you install Directory Connector, you're sent a notification whenever a new version of the software is available. You can set up automatic upgrades so that you're always on the latest version of the software when a new version is released.
High availability Configure multiple connectors so that there is a backup, in case the main connector or the machine hosting it goes down.

Directory Connector is divided into three areas:

  • Control Hub is the single interface that lets you manage all aspects of your Webex organization: view users, assign licenses, download Directory Connector, and configure single sign-on (SSO) if you want your users to authenticate through their enterprise identity provider and you don't want to send email invitations for the Webex App.

  • Directory Connector management interface is the software that you download from Control Hub and install on a trusted Windows server. For multiple Active Directory domains, you can install one instant of the software for each domain that you want to synchronize. Using the software, you can run a synchronization to bring your Active Directory user accounts into Webex, view and monitor synchronization status, and configure Directory Connector services.

  • Directory synchronization service queries your Active Directory to retrieve users and groups to synchronize to the connector service and Directory Connector.

Refer to this diagram to understand the Directory Connector architecture:

Figure 1. Architecture for Directory Connector

Was this Document Helpful?

FeedbackFeedback

Contact Cisco