Cisco Cisco Unified MeetingPlace Audio Server Quick Setup Guide
Configuring User Authentication for Cisco Unified MeetingPlace Web Conferencing
How to Configure LDAP Authentication
5
Procedure
Step 1
Sign in to the end-user web interface.
Step 2
Select Admin.
Step 3
Select Web Server.
Step 4
Select the name of the Web Server that you want to configure in the “View” section of the page.
Step 5
Scroll to the Web Authentication section.
Step 6
Select LDAP for “Step 1: Directory”.
Step 7
Enter the LDAP hostname in the field provided.
Example: ldap.domain.com
Step 8
Enter the Distinguished Name (DN) information for your directory in the field provided noting the
following considerations:
following considerations:
•
Cisco Unified MeetingPlace user profile login names are limited to 17 characters; therefore, the
LDAP match must be 17 characters or less.
LDAP match must be 17 characters or less.
•
You can only enter one value for the LDAP Distinguished Name (DN) field. If your users are
segregated into multiple organizational units (OUs), you can work around this issue by using either
the DOMAIN\USER or user@ou.domain.com format for the DN. When configuring the LDAP
Distinguished Name field, enter just %USERNAME%, without specifying an OU, DC, or other
parameter.
segregated into multiple organizational units (OUs), you can work around this issue by using either
the DOMAIN\USER or user@ou.domain.com format for the DN. When configuring the LDAP
Distinguished Name field, enter just %USERNAME%, without specifying an OU, DC, or other
parameter.
Note
All users in the LDAP server directory must be in one container rather than broken into multiple
containers each representing a child OU.
containers each representing a child OU.
•
%USERNAME% is the username that the user enters when logging in.
•
Before sending the request to the LDAP server %USERNAME% is replaced with the username that
the user enters in the login username field. No additional modifications are made to the DN value.
the user enters in the login username field. No additional modifications are made to the DN value.
•
%USERNAME% is case-sensitive, that is, all upper case.
•
If you match any of the following circumstances, leave the DN field blank (empty) instead of
entering %USERNAME%:
entering %USERNAME%:
–
You are authenticating against a multiple LDAP forest configuration. Example:
CN=%USERNAME%, OU=People, DC=mydomain, DC=com
CN=%USERNAME%, OU=People, DC=mydomain, DC=com
–
The LDAP server you are using is the LDAP interface on a Microsoft Active Directory server.
If this is the case, you must leave the DN field blank (empty) for authentication to work. When
configured in this manner, the format of the usernames that the user enters must be
DOMAIN\USER or user@ou.domain.com.
If this is the case, you must leave the DN field blank (empty) for authentication to work. When
configured in this manner, the format of the usernames that the user enters must be
DOMAIN\USER or user@ou.domain.com.
–
You want to send user passwords as protected (that is, not as clear text). Enteringa value for the
DN field sends passwords as clear text.
DN field sends passwords as clear text.
Note
If you choose to enter a value for the DN field, it is your responsibility to establish a secure
connection between the Cisco Unified MeetingPlace web server and the LDAP server. This
is not the same as configuring SSL configuration on the web server. The SSL feature in Cisco
Unified MeetingPlace protects traffic between the client and web server. You will require a
secure connection between the web server and the LDAP server.
connection between the Cisco Unified MeetingPlace web server and the LDAP server. This
is not the same as configuring SSL configuration on the web server. The SSL feature in Cisco
Unified MeetingPlace protects traffic between the client and web server. You will require a
secure connection between the web server and the LDAP server.