Cisco Cisco TelePresence Video Communication Server Expressway
Cisco VCS configuration
Cisco VCS configuration
Configure LDAP server details on Cisco VCS
1. Go to the Login account DAP configuration page (Maintenance > Login accounts > LDAP
configuration).
2. Configure the following fields so that the Cisco VCS can connect to the LDAP server to
authenticate login accounts and check group membership (you can use the questionnaire in
Appendix 1 – IT requisition (for access to authentication server) to get the appropriate information
from your IT department):
Appendix 1 – IT requisition (for access to authentication server) to get the appropriate information
from your IT department):
Server address
Fully Qualified Domain Name of the LDAP server (case insensitive) or the IP address
of the LDAP server.
of the LDAP server.
FQDN address
resolution
resolution
Address Record: if the Server address above is not an IP address, look the value up
as an IPv4 DNS A record, or an IPv6 DNS AAAA record.
SRV Record: if the Server address above is not an IP address, look the value up as
a DNS SRV record.
as an IPv4 DNS A record, or an IPv6 DNS AAAA record.
SRV Record: if the Server address above is not an IP address, look the value up as
a DNS SRV record.
Port
IP port to use on the LDAP server, typically 389 if encryption is off, and 636 if
encryption is set to TLS.
encryption is set to TLS.
Encryption
If the LDAP server supports TLS encryption, set this to TLS, otherwise set it to Off.
Note: if encryption is set to TLS, a valid CA certificate, private key and server
certificate must be uploaded to Cisco VCS in the Security certificates page
(Maintenance > Security certificates).
Note: if encryption is set to TLS, a valid CA certificate, private key and server
certificate must be uploaded to Cisco VCS in the Security certificates page
(Maintenance > Security certificates).
Certificate
revocation list
(CRL) checking
revocation list
(CRL) checking
Only applicable if Encryption is TLS.
None: CRLs are not to be checked.
Peer: only the CRL directly associated with the Certificate Authority that issued the
LDAP server’s certificate is checked.
All: CRLs of all the Certificate Authorities in the trust chain of the LDAP server’s
certificate are checked.
None: CRLs are not to be checked.
Peer: only the CRL directly associated with the Certificate Authority that issued the
LDAP server’s certificate is checked.
All: CRLs of all the Certificate Authorities in the trust chain of the LDAP server’s
certificate are checked.
VCS Deployment Guide: Authenticating VCS accounts using LDAP (VCS X5.1)
Page 5 of 21