Cisco Cisco TelePresence Video Communication Server Expressway
Cisco VCS configuration
VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X6)
Page 9 of 20
Note: Even with remote authentication enabled, the admin account login defined on the Cisco VCS
Administrator accounts page (Maintenance > Login accounts > Administrator accounts) still
allows access to the Cisco VCS.
Administrator accounts page (Maintenance > Login accounts > Administrator accounts) still
allows access to the Cisco VCS.
Groups for user login
1. Go to the User groups page (Maintenance > Login accounts > User groups).
Note: At this stage, ignore the warming “Warning: These groups are not active. To use these groups
you must set the Administrator authentication source to "Remote".” – this will be configured later.
you must set the Administrator authentication source to "Remote".” – this will be configured later.
2. Click New.
3. Configure the fields as follows:
Name
Enter the group name to be used for a read/write account, e.g. VCS_User
Note: the group name entered here must EXACTLY match (case sensitive) the group
name entered in the AD or other authentication server.
Note: the group name entered here must EXACTLY match (case sensitive) the group
name entered in the AD or other authentication server.
Access
Select Read-write.
4. Click Create group.
Note:
If multiple groups specify users who are allowed user access to Cisco VCS, and a user is found
in more than one group, if any of those groups specifies Read-write (rather than None), then the
user will be allowed Read-write access.
in more than one group, if any of those groups specifies Read-write (rather than None), then the
user will be allowed Read-write access.
If the group name is selected, or View/Edit is selected for a user group entry, Cisco VCS will
check that it can find the group name as it enters the Edit administrator group page. A warning
at the top of the page will be presented if the group name cannot be found. Cisco VCS will also
check whether it can find the group when any changes are saved.
check that it can find the group name as it enters the Edit administrator group page. A warning
at the top of the page will be presented if the group name cannot be found. Cisco VCS will also
check whether it can find the group when any changes are saved.
The login user name that must be used to log into the user account is the sAMAccountName; Security
Access Manager Account Name (in AD this is the account’s user logon name).
Access Manager Account Name (in AD this is the account’s user logon name).
Define groups in the authentication server
Defining groups in the authentication server is usually carried out by the IT department; use copies of
Appendix 2 – IT requisition (for group configuration) to request your IT department to set up the
relevant groups and assign users to those groups.
Appendix 2 – IT requisition (for group configuration) to request your IT department to set up the
relevant groups and assign users to those groups.
You are likely to want to set up the following groups:
Read / write administrator (for example, group VCS_admin_RW)
Read-only administrator (for example, group VCS_admin_RO)
Auditor administrator (for example, group VCS_auditor)
Cisco VCS user (for example, group VCS_User)