Cisco Cisco TelePresence Video Communication Server Expressway
5) Exit
-----------------------------------
3. Choose option 2 Leave Domain.
4. When asked, enter the domain administrator username.
5. When asked, enter the domain administrator password (case sensitive).
A successful Leave will result in the messages:
Deleted account for ‘<DNS Local hostname>’ in realm ‘<AD DOMAIN (FQDN)>’
…
Domain leave succeeded
Note that the domain administrator username and password are not stored in VCS; they are only used in Join
AD domain, Leave AD domain and VCS Status operations.
AD domain, Leave AD domain and VCS Status operations.
Example process for moving Jabber Video users to AD direct
authentication
authentication
To migrate Jabber Video users to AD direct authentication:
1. Ensure that VCS is running version X6.1 or later code.
2. Upgrade all Jabber Video clients to version 4.2 or later.
This can be achieved via provisioning – users will be alerted to the fact that a new version of code is
available to download. See Cisco Jabber Video for TelePresence Administrator Guide for details.
available to download. See Cisco Jabber Video for TelePresence Administrator Guide for details.
3. Send out an email to all users requesting that they upgrade their Jabber Video.
Explain that their login password will soon change to be their AD password, and that the Username in
Jabber Video will need to be updated to "<AD Short Domain Name>\username".
Jabber Video will need to be updated to "<AD Short Domain Name>\username".
l
The existing username must be the same as the AD username. If it is not, the authenticated name will
not match the provisioning data username.
not match the provisioning data username.
l
The username must not exceed 20 characters (due to a limitation in Active Directory).
Explain that after a chosen date they will not be able to sign in to Jabber Video if they do not upgrade.
Add a message for Jabber Video for Mac users: Mac-users will not get an upgrade prompt, they will have
to download the new Jabber Video code and upgrade manually.
Add a message for Jabber Video for Mac users: Mac-users will not get an upgrade prompt, they will have
to download the new Jabber Video code and upgrade manually.
4. Configure the VCS for AD direct authentication, but set NTLM protocol challenges to Off.
5. When ready to switch over, on the VCS:
a. Set up Check Credentials on the VCS Default Zone, and the Default Subzone (or relevant subzones).
b. Set NTLM protocol challenges to Auto.
b. Set NTLM protocol challenges to Auto.
6. Send out a reminder email to users that their old Jabber Video and old password will no longer work, that
they need to use Jabber Video 4.2 or later and their AD password and that the Jabber Video Username
must be configured as "<AD Short Domain Name>\username".
must be configured as "<AD Short Domain Name>\username".
Cisco TelePresence Device Authentication on Cisco VCS Deployment Guide (X8.2)
Page 45 of 55
Appendix 3: Active Directory (direct)