Unified CCX stores the configuration in the local datastore on the Unified CCX server. Unified CCX accesses the user information from Unified CM via the Unified CM Administrative XML Layer (AXL) API. User authentication is also done via the Unified CM AXL API.
Unified CCX supports Microsoft Active Directory (AD) and Netscape Directory (ND). However, since the integration is done on the Unified CM LDAP configuration, the user information is downloaded from the LDAP directory to the Unified CM local database, which in turn is synched down to Unified CCX periodically via the AXL API. User authentication requests are sent to Unified CM via the AXL API and then relayed to the external LDAP directory service if configured.
Because user authentication requires access to a user database in the LDAP server, if the LDAP server is down or unavailable, you cannot access the Unified CCX Administration web interface and agents cannot log in. Thus, install a redundant LDAP server to provide high availability. Unified CM allows you to configure multiple LDAP servers to provide redundancy.
Unified CCX-specific users for Unified CM Telephony and RmCm subsystems are now created under the Cisco Unified Communications Manager Application User Group. Thus, these users are under the control of Unified CM and can be created by Unified CCX via the AXL API. This allows the Unified CCX auto provisioning feature to work seamlessly without requiring manual access to the LDAP directory configuration tool.
In scenarios where multiple Unified CCX systems are configured on the same Unified CM cluster, each Unified CCX system has visibility to all Resources on the Unified CM cluster. Any user who has been assigned an ICD extension in Unified CM will be listed as a Resource in Unified CCX Administration for each Unified CCX system. Since a Resource can only be associated with one Unified CCX system, this requires that the Administrator be aware of which resources are associated with each system. The Administrator can mitigate the confusion by having a unique naming convention for Resources associated with a particular Unified CCX system.
Since Unified CCX synchronizes with the Unified CM database for user information every 10 minutes, a Unified CM cluster with multiple Unified CCX systems will take longer to synchronize and generate more traffic that could impact the network and server performance.
For more information about LDAP integration on Unified CM, refer to the Cisco Unified Communications Solution Reference Network Design (SRND).
For more information about directory access and best practices, please refer to the directory access and integration topic in Cisco Unified Communications Solution Reference Network Design (SRND) at: http://www.cisco.com/go/ucsrnd