Cisco Cisco TelePresence Video Communication Server Expressway
Cisco VCS configuration
VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X6)
Page 8 of 20
Define groups on Cisco VCS
In the LDAP accessible database, groups are assigned to users to give them specific capabilities. The
same groups must be defined on the Cisco VCS and configured with the required authorization levels
for Cisco VCS access.
same groups must be defined on the Cisco VCS and configured with the required authorization levels
for Cisco VCS access.
Groups for administrator login
1. Go to the Administrator groups page (Maintenance > Login accounts > Administrator
groups).
Note: At this stage, ignore the warming “Warning: These groups are not active. To use these groups
you must set the Administrator authentication source to "Remote".” – this will be configured later.
you must set the Administrator authentication source to "Remote".” – this will be configured later.
2. Click New.
3. Configure the fields as follows:
Name
Enter the group name to be used for the type of account required, for example
VCS_admin_RW – for writeable access
VCS_admin_RO – for read-only access
VCS_auditor – for auditor access
Note: the group name entered here must EXACTLY match (case sensitive) the group
name entered in the AD or other authentication server.
VCS_admin_RW – for writeable access
VCS_admin_RO – for read-only access
VCS_auditor – for auditor access
Note: the group name entered here must EXACTLY match (case sensitive) the group
name entered in the AD or other authentication server.
Access
Select the appropriate entry:
Read-write: if writeable access is required
Read-only: if read-only access is required
Auditor: if access only to Event Log, Configuration Log and the Overview page are to be
allowed.
Read-write: if writeable access is required
Read-only: if read-only access is required
Auditor: if access only to Event Log, Configuration Log and the Overview page are to be
allowed.
4. Click Create group.
Note:
Access levels are prioritized so that if an administrator user is found in more than one group,
Auditor access will be preferred to None, Read-only access will be preferred to Auditor and
Read-write access will be preferred to Read-only.
Auditor access will be preferred to None, Read-only access will be preferred to Auditor and
Read-write access will be preferred to Read-only.
If the group name is selected, or View/Edit is selected for an Administrator group entry, Cisco
VCS will check that it can find the group name as it enters the Edit administrator group page. A
warning at the top of the page will be presented if the group name cannot be found. Cisco VCS
will also check whether it can find the group when save is clicked on this page.
VCS will check that it can find the group name as it enters the Edit administrator group page. A
warning at the top of the page will be presented if the group name cannot be found. Cisco VCS
will also check whether it can find the group when save is clicked on this page.
When configured and operating, the user name that must be used to log into the Cisco VCS is the
sAMAccountName; Security Access Manager Account Name (in AD the account’s user logon name).
sAMAccountName; Security Access Manager Account Name (in AD the account’s user logon name).