Cisco Cisco TelePresence Management Suite (TMS) Version 15
Create and manage user accounts
Cisco TMS Provisioning Deployment Guide
Page 20 of 47
Automated user creation and management with Microsoft Active
Directory (recommended)
Directory (recommended)
The User Directory in Cisco TMS used for provisioning supports integration with Microsoft Active
Directory for the creation and management of users, making provisioning large numbers of users easy
and scalable. Cisco highly recommends this for the power and flexibility of AD in the solution.
Directory for the creation and management of users, making provisioning large numbers of users easy
and scalable. Cisco highly recommends this for the power and flexibility of AD in the solution.
Users imported to the User Directory in Cisco TMS will show up with gray shirts, while manually created
users show up with blue shirts. For information concerning the manual creation of users, see the section
called
users show up with blue shirts. For information concerning the manual creation of users, see the section
called
.
Once configured, the User Directory will automatically synchronize with Active Directory once a day.
The time of the update is displayed on screen. Currently, this automatic synchronization cannot be
changed, but you can run the AD synchronization manually at any time. Cisco recommends running
manual synchronizations at the highest group folder level possible according to your External Source
Configuration plan.
The time of the update is displayed on screen. Currently, this automatic synchronization cannot be
changed, but you can run the AD synchronization manually at any time. Cisco recommends running
manual synchronizations at the highest group folder level possible according to your External Source
Configuration plan.
For example, if your External Source Configuration begins importing users at root and you have created
search filters that place users in sub group folders under root, then you should run the manual
synchronization from root. You can also run a manual synchronization at the sub group folder level, but
ensure that your AD search filter is correct for that level before proceeding.
search filters that place users in sub group folders under root, then you should run the manual
synchronization from root. You can also run a manual synchronization at the sub group folder level, but
ensure that your AD search filter is correct for that level before proceeding.
Note: Only user names and those fields shown in Mapping of user fields are synchronized—the user's
AD password is NOT imported into the User Directory. Provisioning will automatically assign a user's
Movi password. For more details on mapping of user fields between Active Directory and the
Provisioning Directory database, see
AD password is NOT imported into the User Directory. Provisioning will automatically assign a user's
Movi password. For more details on mapping of user fields between Active Directory and the
Provisioning Directory database, see
Familiarity with Microsoft AD and LDAP is required to synchronize users.
1. Select the root folder.
2. Click on the Click to synchronize this folder with Active Directory link to go to the Edit screen.
3. Enter the LDAP URL to an Active Directory Global Catalog Server and provide the Global Catalog
2. Click on the Click to synchronize this folder with Active Directory link to go to the Edit screen.
3. Enter the LDAP URL to an Active Directory Global Catalog Server and provide the Global Catalog
Port Number (default 3268), for example LDAP URL: ldap://globalcatalog.company.int:3268
4. Enter the Username to use when logging on and importing from Active Directory. Cisco recommends
that this user be the Service Account and that password retention policies are not applied to it.
5. Enter the Password.
6. Enter the selected Base DN, for example dc=ldap,dc=company,dc=com.
7. If necessary, enter the selected Relative Search DN, for example OU=users.
8. Click Save.
6. Enter the selected Base DN, for example dc=ldap,dc=company,dc=com.
7. If necessary, enter the selected Relative Search DN, for example OU=users.
8. Click Save.