Cisco Cisco TelePresence Video Communication Server Expressway
Introduction
Introduction
With so many pieces of technology needing user credentials to log into them, it is easier and better to
manage usernames and passwords centrally. This means that users can have a single set of sign on
credentials managed by an Active Directory or other LDAP accessible server, rather than having to
remember separate usernames and passwords for each device.
manage usernames and passwords centrally. This means that users can have a single set of sign on
credentials managed by an Active Directory or other LDAP accessible server, rather than having to
remember separate usernames and passwords for each device.
The device being accessed, rather than looking up the username and password in its own internal
database, contacts the LDAP accessible server to both authenticate the user and also to check
whether that authenticated user belongs to a group that the device authorizes to perform the
functionality requested.
database, contacts the LDAP accessible server to both authenticate the user and also to check
whether that authenticated user belongs to a group that the device authorizes to perform the
functionality requested.
Using a central login credential database also allows the company to define policies for passwords,
such as the replacement interval, level of complexity and so on, and be sure that it applies to
passwords for all systems.
such as the replacement interval, level of complexity and so on, and be sure that it applies to
passwords for all systems.
As well as Active Directory, other LDAP accessible servers include Novell eDirectory and OpenLDAP.
This document describes how to configure the Cisco TelePresence Video Communication Server
(Cisco VCS) to authenticate login accounts over LDAP.
(Cisco VCS) to authenticate login accounts over LDAP.
LDAP authentication and authorization is used for web login to the Cisco VCS’s Administrator and
User (FindMe™) accounts. Other logins, including serial, Telnet and SSH continue to use the admin
account configured on the Cisco VCS.
User (FindMe™) accounts. Other logins, including serial, Telnet and SSH continue to use the admin
account configured on the Cisco VCS.
Usage
As an operator you will need to:
have users, together with passwords, configured in the LDAP accessible server
configure groups in the LDAP accessible server which define capabilities of the users
associate users with groups in the LDAP accessible server
configure Cisco VCS for LDAP operation
A user, logging in to the Cisco VCS for administrator access or to configure FindMe™ (depending on
how the Cisco VCS has been configured) will be authenticated using the LDAP server credentials.
how the Cisco VCS has been configured) will be authenticated using the LDAP server credentials.
Both username and password are case sensitive.
VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X5.1)
Page 4 of 21