Cisco Cisco TelePresence Video Communication Server Expressway
VCS configuration
Configure DNS server
Ensure one or more DNS server addresses are set up on the VCS (
System > DNS
). DNS is required for:
n
Finding the IP address of the LDAP server if the server is defined by name rather than IP address.
n
If SASL is enabled, part of the security process is to perform an IP address to name check – a reverse
DNS lookup for that LDAP server. If SASL is enabled, the DNS servers must support reverse DNS lookup.
DNS lookup for that LDAP server. If SASL is enabled, the DNS servers must support reverse DNS lookup.
Configure LDAP server details on VCS
1. Go to
Users > LDAP configuration
.
2. Configure the following fields so that the VCS can connect to the LDAP server to authenticate login
accounts and check group membership (you can use the questionnaire in to get the appropriate
information from your IT department):
information from your IT department):
Field
Description
Usage tips
Administrator
authentication
source
authentication
source
Select Both.
Both allows you to continue to use
locally-defined accounts. This is useful
while troubleshooting any connection
or authorization issues with the LDAP
server.
locally-defined accounts. This is useful
while troubleshooting any connection
or authorization issues with the LDAP
server.
You cannot log in using a locally-
configured administrator account,
including the default admin account, if
Remote only authentication is in use.
Note: do not use Remote only if VCS is
managed by Cisco TMS.
configured administrator account,
including the default admin account, if
Remote only authentication is in use.
Note: do not use Remote only if VCS is
managed by Cisco TMS.
FindMe
authentication
source
authentication
source
Select Remote.
This option applies only if you are
using FindMe without Cisco TMS.
using FindMe without Cisco TMS.
FQDN
address
resolution
address
resolution
Defines how the LDAP server address is resolved.
SRV record: DNS SRV record lookup.
Address record: DNS A or AAAA record lookup.
IP address: entered directly as an IP address.
Host name
and Domain
and Domain
or
Server
address
address
The way in which the server address is specified
depends on the FQDN address resolution setting:
depends on the FQDN address resolution setting:
SRV record: only the Domain portion of the server
address is required.
address is required.
Address record: enter the Host name and
Domain. These are then combined to provide the
full server address for the DNS address record
lookup.
Domain. These are then combined to provide the
full server address for the DNS address record
lookup.
IP address: the Server address is entered directly
as an IP address.
as an IP address.
If using TLS, the address entered here
must match the CN (common name)
contained within the certificate
presented by the LDAP server.
must match the CN (common name)
contained within the certificate
presented by the LDAP server.
Authenticating VCS Accounts Using LDAP Deployment Guide (X8.1)
Page 5 of 20
VCS configuration