Cisco Unified CallManager Administration Guide, Release 5.0(1) - LDAP Directory Configuration [Cisco Unified Communications Manager (CallManager)]

Table Of Contents

LDAP Directory Configuration

Finding an LDAP Directory

Configuring an LDAP Directory

LDAP Directory Configuration Settings

Deleting an LDAP Directory

Related Topics

LDAP Directory Configuration

Directory configuration takes place in three related windows:

•LDAP System

•LDAP Directory

•LDAP Authentication

Changes to LDAP Directory information and LDAP Authentication settings are possible only if synchronization from the customer's LDAP directory is enabled in the Cisco CallManager Administration LDAP System window.

Use the following topics to configure LDAP directory information:

•Finding an LDAP Directory

•Configuring an LDAP Directory

•Related Topics

•Deleting an LDAP Directory

For more information, see the "Related Topics" section.

Finding an LDAP Directory

Use the following procedure to locate LDAP directory configurations.

Note During your work in a browser session, Cisco CallManager Administration retains your LDAP directory search preferences. If you navigate to other menu items and return to this menu item, Cisco CallManager Administration retains your LDAP directory search preferences until you modify your search or close the browser.

Procedure

Step 1 Choose System > LDAP > LDAP Directory.

The Find and List LDAP Directories window displays. Use the two drop-down list boxes to search for a LDAP directory.

Step 2 From the first Find LDAP Directory where drop-down list box, choose one of the following criteria:

•LDAP Configuration Name

•LDAP Manager Distinguished Name

•LDAP User Search Base

From the second Find LDAP Directory where drop-down list box, choose one of the following criteria:

•begins with

•contains

•is exactly

•ends with

•is empty

•is not empty

Step 3 Specify the appropriate search text, if applicable, and click Find. You can also specify how many items per page to display.

Tip To find all LDAP directories that are registered in the database, click Find without entering any search text.

A list of discovered LDAP directories displays by

•LDAP Configuration Name

•LDAP Manager Distinguished Name

•LDAP User Search Base

Step 4 From the list of records, click the LDAP directory name that matches your search criteria.

The window displays the LDAP directory that you choose.

Additional Information

See the "Related Topics" section.

Configuring an LDAP Directory

This section describes how to add or update information about an LDAP directory that is used to synchronize user data with the Cisco CallManager Administration database.

Procedure

Step 1 Choose System > LDAP > LDAP Directory.

The Find and List LDAP Directories window displays.

Step 2 Perform one of the following tasks:

•To add new information about an LDAP directory, locate the appropriate directory as described in the "Finding an LDAP Directory" section, click the Add New button, and continue with Step 3.

•To update existing information about an LDAP directory, locate the appropriate directory as described in the "Finding an LDAP Directory" section and continue with Step 3.

Step 3 Enter the appropriate settings as described in Table 13-1.

Step 4 Click Save.

The new LDAP directory gets added or updated to the Cisco CallManager database.

Additional Information

See the "Related Topics" section.

LDAP Directory Configuration Settings

Table 13-1 describes the LDAP directory configuration settings. For related procedures, see the "Related Topics" section.

Table 13-1 LDAP Directory Configuration Settings

Field

Description

LDAP Directory Information

LDAP Configuration Name

Enter a unique name (up to 40 characters) for the LDAP directory.

LDAP Manager Distinguished Name

Enter the user ID (up to 128 characters) of the LDAP Manager, who is an administrative user that has access rights to the LDAP directory in question.

LDAP Password

Enter a password (up to 128 characters) for the LDAP Manager.

Confirm Password

Re-enter the password that you provided in the LDAP Password field.

LDAP User Search Base

Enter the location (up to 256 characters) where all LDAP users exist. This location is a container or a directory. This information varies depending on customer setup.

LDAP Directory Synchronization Schedule

Perform Sync Just Once

If you want to perform synchronization of the data in this LDAP directory with the data in the Cisco CallManager database only once, check this check box.

Perform a Re-sync Every

If you want to perform synchronization of the data in this LDAP directory with the data in the Cisco CallManager database at a regular interval, use these fields.

In the left field, enter a number. In the drop-down list box, choose a value:

•hours

•days

•weeks

•months

Note This field is active only if you do not check the Perform Sync Just Once check box.

Next Re-sync Time
(YYYY-MM-DD hh:mm)

Specify a time to perform the next synchronization of Cisco CallManager directory data with this LDAP directory. Use a 24-hour clock to specify the time of day. For example, 1:00 pm is 13:00.

User Fields To Be Synchronized

CallManager User Fields

LDAP User Fields

User ID

sAMAccountName

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Middle Name

(drop-down list box)

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

•middleName

•initials

Manager ID

manager

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Phone Number

(drop-down list box)

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

•telephoneNumber

•ipPhone

First Name

givenName

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Last Name

sn

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Department

department

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

Mail ID

(drop-down list box)

For these fields, the Cisco CallManager data in the field specified at left gets synchronized with the LDAP user data in the field specified at right.

For the LDAP User field, choose one of the following values:

•mail

•sAMAccountName

LDAP Server Information

Host Name or IP Address for Server

Enter the host name or IP address of the server where the data for this LDAP directory resides.

LDAP Port

Enter the port number on which the corporate directory receives the LDAP requests.

Default LDAP port for Microsoft Active Directory and for Netscape Directory specifies 389. Default LDAP port for Secured Sockets Layer (SSL) specifies 636.

Note You can only access this field if LDAP authentication for end users is enabled.

Use SSL

Check this check box to use Secured Sockets Layer (SSL) encryption for security purposes.

Note You can only access this field if LDAP authentication for end users is enabled.

Add Another Redundant LDAP Server

Click this button to add another row for entry of information about an additional server.

Deleting an LDAP Directory

This section describes how to delete an LDAP directory in Cisco CallManager Administration.

Before You Begin

When you delete an LDAP directory, Cisco CallManager removes information about that directory from the database.

Note You can delete multiple LDAP directories from the Find and List LDAP directories window by checking the check boxes next to the appropriate LDAP directories and clicking Delete Selected. You can delete all LDAP directories in the window by clicking Select All and then clicking Delete Selected.

Procedure

Step 1 Find the LDAP directory that you want to delete by using the procedure in the "Finding an LDAP Directory" section.

Step 2 Click the name of the LDAP directory that you want to delete.

The LDAP directory that you chose displays.

Step 3 Click Delete.

You receive a message that asks you to confirm the deletion.

Step 4 Click OK.

The window refreshes, and the LDAP directory gets deleted from the database.

Additional Information

See the "Related Topics" section.

Related Topics

•LDAP Directory Configuration

•Finding an LDAP Directory

•Configuring an LDAP Directory

•Deleting an LDAP Directory

•Understanding the Directory, Cisco CallManager System Guide

•LDAP System Configuration, page 12-1

•LDAP Authentication Configuration, page 14-1

•Application Users and End Users, Cisco CallManager System Guide

•Application User Configuration

•End User Configuration