Cisco Cisco Intelligent Automation for Cloud 4.3.1 Installation Guide
47
Cisco Systems, Inc.
www.cisco.com
Optional Tasks
Setting Up Active Directory Integration (If Applicable)
This section provides examples of setting up optional directory integration in Microsoft Active Directory. Because there
are many scenarios for directory integration configuration based on the directory product and settings, it is likely that
your environment will vary from what is presented here. However, the required sequence of configuring directory
integration would be the same.
are many scenarios for directory integration configuration based on the directory product and settings, it is likely that
your environment will vary from what is presented here. However, the required sequence of configuring directory
integration would be the same.
Cisco Prime Service Catalog can integrate with directory servers to synchronize user information. This synchronization
can be initiated whenever a user logs on or is chosen or during Person Lookup in Prime Service Catalog. Prior to
configuring integration in Prime Service Catalog, you must have a directory server installed and populated with corporate
data.
can be initiated whenever a user logs on or is chosen or during Person Lookup in Prime Service Catalog. Prior to
configuring integration in Prime Service Catalog, you must have a directory server installed and populated with corporate
data.
Note:
For instructions on configuring directory integration if your setup varies, see the Cisco Prime Service Catalog 10.x
Integration Guide. The latest version can be found here:
http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-service-catalog-10-0/model.html#Install
andUpgradeGuides
andUpgradeGuides
Prerequisites
Before configuring directory integration for use with Cisco IAC, you must complete the following tasks:
Set up organizational unit structure on the LDAP server. If you do not have privileges to perform this task on the LDAP
server, seek help from your LDAP server administrator.
server, seek help from your LDAP server administrator.
Create the following user accounts in the Users folder on the LDAP server:
—
nsAPI user
—
A user account (any username) with “Read MemberOf” permissions that will be used for performing
authentication, directory searches, and user imports into the Prime Service Catalog.
authentication, directory searches, and user imports into the Prime Service Catalog.
Note:
Cisco IAC 4.3.1 supports multiple memberships to multiple organizations. However, through Directory Integration
these can only be mapped to a single organization. After the user has been imported, a CPTA can add the user to
additional organizations and assign a Home OU (default organization).
additional organizations and assign a Home OU (default organization).
Configuring an LDAP Server
The first step is to add a data source and test the connection in Cisco Prime Service Catalog. The instructions in this
section are how one would connect to the LDAP server in the example scenario.
section are how one would connect to the LDAP server in the example scenario.
1.
Choose Service Portal from the module drop-down list, then click the System Settings from the Setup tab.
2.
On the System Setup portal, click the Connections tab to open the portlet, then click Manage Directory Server
Connection.
Connection.
3.
Click Add to display the Datasources Configuration pane.
4.
In the Add or Edit a Datasource pane, enter the following: