Cisco Cisco TelePresence Video Communication Server Expressway

Cisco VCS configuration 

1.  Go to the Login account DAP configuration page (Maintenance > Login accounts > LDAP 

configuration). 

 

 

2.  Configure the following fields so that the Cisco VCS can connect to the LDAP server to 

authenticate login accounts and check group membership (you can use the questionnaire in 
Appendix 1 – IT requisition (for access to authentication server) to get the appropriate information 
from your IT department): 

 

Fully Qualified Domain Name of the LDAP server (case insensitive) or the IP address 
of the LDAP server. 

Address Record: if the Server address above is not an IP address, look the value up 
as an IPv4 DNS A record, or an IPv6 DNS AAAA record. 
SRV Record: if the Server address above is not an IP address, look the value up as 
a DNS SRV record. 

IP port to use on the LDAP server, typically 389 if encryption is off, and 636 if 
encryption is set to TLS. 

If the LDAP server supports TLS encryption, set this to TLS, otherwise set it to Off. 
Note: if encryption is set to TLS, a valid CA certificate, private key and server 
certificate must be uploaded to Cisco VCS in the Security certificates page 
(Maintenance > Security certificates). 

Only applicable if Encryption is TLS. 
None: CRLs are not to be checked. 
Peer: only the CRL directly associated with the Certificate Authority that issued the 
LDAP server’s certificate is checked. 
All: CRLs of all the Certificate Authorities in the trust chain of the LDAP server’s 
certificate are checked. 

VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X5.1) 

Page 5 of 21