Cisco TelePresence Video Communication Server Expressway Administration Manual
■ Include the Active Directory fully qualified domain name of the domain controller in the common name in the
subject field and/or the DNS entry in the subject alternative name extension.
To configure the VCS to use TLS on the connection to the LDAP server you must upload the CA’s certificate as a
trusted CA certificate. This can be done on the VCS by going to: Maintenance > Security certificates > Trusted CA
certificate.
Configuring an OpenLDAP Server
Prerequisites
These instructions assume that an OpenLDAP server has already been installed. For details on installing OpenLDAP
see the documentation at
.
The following examples use a standard OpenLDAP installation on the Linux platform. For installations on other
platforms the location of the OpenLDAP configuration files may be different. See the OpenLDAP installation
documentation for details.
Installing the H.350 Schemas
1. Download all the schema files from the VCS (Configuration > Authentication > Devices > LDAP schemas).
Ensure that all characters in the filename are in lowercase and name each file with a .schema extension.
Hence:
commobject.schema
h323identity.schema
h235identity.schema
sipidentity.schema
2. Determine the index of each schema file via slapcat. For example, for commobject.schema:
sudo slapcat -f schema_convert.conf -F ldif_output -n 0 | grep commobject,cn=schema
will return something similar to:
dn: cn={14}commobject,cn=schema,cn=config
The index value inside the curly brackets {} will vary.
3. Convert each schema file into ldif format via slapcat. Use the index value returned by the previous command.
For example, for commobject.schema:
slapcat -f schema_convert.conf -F ldif_output -n0 -H ldap:///cn={14}commobject,cn=schema,cn=config -l cn=commobject.ldif
4. Use a text editor to edit the newly created file (cn=commobject.ldif in the case of the commobject file) and
remove the following lines:
structuralObjectClass:
entryUUID:
creatorsName:
createTimestamp:
entryCSN:
modifiersName:
modifyTimestamp:
5. Add each schema to the LDAP database via ldapadd. For example, for cn=commobject.ldif:
sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f cn\=commobject.ldif
(the backslash after cn is an escape character)
6. Repeat these steps for every schema file.
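Step 4 can be scripted instead of edited by hand when several schema files are converted. The following is an added example, not part of the Cisco guide: a shell function that removes the seven attributes listed in step 4 from a converted file, including any folded continuation lines that belong to them. The function names and the sample LDIF content are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Cisco guide): automates step 4 for one file.

# Print FILE without the seven operational attributes listed in step 4.
strip_operational_attrs() {
    awk '
        # A line starting with a space continues the previous attribute
        # (LDIF line folding), so it is kept or dropped with that attribute.
        /^ / { if (!drop) print; next }
        {
            drop = ($0 ~ /^(structuralObjectClass|entryUUID|creatorsName|createTimestamp|entryCSN|modifiersName|modifyTimestamp):/)
            if (!drop) print
        }
    ' "$1"
}

# Write a constructed sample shaped like slapcat output (all values made up).
make_sample_ldif() {
    cat > "$1" <<'EOF'
dn: cn={14}commobject,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {14}commobject
olcAttributeTypes: {0}( 1.1.1.1 NAME 'constructedExampleAttr' DESC 'placeholder
  definition, not a real H.350 attribute' )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=config
createTimestamp: 20200101000000Z
entryCSN: 20200101000000.000000Z#000000
 #000#000000
modifiersName: cn=config
modifyTimestamp: 20200101000000Z
EOF
}

# Demo: clean the sample and print what would be passed to ldapadd in step 5.
sample=$(mktemp)
make_sample_ldif "$sample"
strip_operational_attrs "$sample"
rm -f "$sample"
```

Redirect the function's output to a new file and compare it with the original using diff before running ldapadd, so that only the seven attributes from step 4 have changed.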
Adding H.350 Objects
Create the organizational hierarchy:
Cisco TelePresence Video Communication Server Administrator Guide