Cisco Cisco TelePresence Video Communication Server Expressway
Appendix 3 – Active Directory structure
VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X7.2)
Page 12 of 20
Appendix 3 – Active Directory structure
The diagram below shows an example Active Directory tree structure for corporation.int:
Part of the VCS configuration required for connecting to an LDAP server includes the specification of a
set of distinguished names (DNs). DNs comprise the following elements:
cn
set of distinguished names (DNs). DNs comprise the following elements:
cn
common name (leaves of the tree – usually, see Note below)
ou
organizational unit (branches)
dc
domain content (top of tree)
These elements are listed in a single line as comma separated values. No space should be placed
immediately before or immediately after the comma, but spaces are valid within the common names,
organizational unit names and domain content names.
immediately before or immediately after the comma, but spaces are valid within the common names,
organizational unit names and domain content names.
Using this example Active Directory structure you would define the VCS bind DN as:
cn=vcs,ou=systems,ou=region1,ou=useraccounts,dc=corporation,dc=int
To support region 1 staff, the Base DN for accounts would be:
ou=region1,ou=useraccounts,dc=corporation,dc=int
To support worldwide staff, the Base DN for accounts would be:
ou=useraccounts,dc=corporation,dc=int
The Base DN for groups would be:
ou=groups,dc=corporation,dc=int
corporation.int
useraccounts
groups
region1
region2
vcs_admin_rw
vcs_admin_ro
vcs_auditor
marketing
it
systems
j.smith
p.brown
r.ladd
vcs
sales
member1
memberN
member2
vcs_user