Cisco Cisco TelePresence Management Suite (TMS) Version 15
Setting up and maintaining the Provisioning Directory
Cisco TelePresence Management Suite Agent Legacy Deployment Guide (13.2)
Page 21 of 55
Synchronizing with AD
After initial configuration and synchronization, the User Directory will automatically synchronize with Active
Directory once a day. The time of the update is displayed on screen.
Directory once a day. The time of the update is displayed on screen.
user's AD password is not imported into the User Directory. A provisioning password for each user will be
automatically assigned.
automatically assigned.
Currently, the automatic synchronization cannot be changed, but you can run the AD synchronization
manually at any time. We recommend running manual synchronizations at the highest group folder level
possible according to your External Source Configuration plan.
manually at any time. We recommend running manual synchronizations at the highest group folder level
possible according to your External Source Configuration plan.
For example, if your External Source Configuration begins importing users at root and you have created
search filters that place users in sub group folders under root, then you should run the manual
synchronization from root. You can also run a manual synchronization at the sub group folder level, but
ensure that your AD search filter is correct for that level before proceeding.
search filters that place users in sub group folders under root, then you should run the manual
synchronization from root. You can also run a manual synchronization at the sub group folder level, but
ensure that your AD search filter is correct for that level before proceeding.
Familiarity with Microsoft AD and LDAP is required to synchronize users.
Note: Cisco TMS Agent Legacy does not support the following characters are not allowed in usernames or
display names: \,+"<>./. Importing names that contains these characters may lead to issues with for
example phone book parsing.
display names: \,+"<>./. Importing names that contains these characters may lead to issues with for
example phone book parsing.
Synchronizing from root level
1. Select the root folder.
2. Click on the Click to synchronize this folder with Active Directory link to go to the Edit screen.
3. Enter the LDAP URL to an Active Directory Global Catalog Server and provide the Global Catalog Port
Number (default 3268), for example ldap://globalcatalog.company.int:3268.
4. Enter the Username to use when logging on and importing from Active Directory. We recommend that this
user be the Service Account and that password retention policies are not applied to it.
5. Enter the Password.
6. Enter the selected Base DN, for example dc=ldap,dc=company,dc=com.
7. If necessary, enter the selected Relative Search DN, for example OU=users.
8. Click Save.