Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Field
Description
Usage tips
Base DN for
accounts
accounts
The ou= and dc= definition of the Distinguished Name
where a search for user accounts should start in the
database structure (case insensitive).
where a search for user accounts should start in the
database structure (case insensitive).
It is important to specify the DN in the order ou=, then
dc=
dc=
This is for authentication of both
administrator login and user login
requests.
administrator login and user login
requests.
The Base DN for accounts and groups
must be at or below the dc level (include
all dc= values and ou= values if
necessary). LDAP authentication does not
look into sub dc accounts, only lower ou=
and cn= levels.
must be at or below the dc level (include
all dc= values and ou= values if
necessary). LDAP authentication does not
look into sub dc accounts, only lower ou=
and cn= levels.
Base DN for
groups
groups
The ou= and dc= definition of the Distinguished Name
where a search for groups should start in the
database structure (case insensitive).
where a search for groups should start in the
database structure (case insensitive).
It is important to specify the DN in the order ou=, then
dc=
dc=
This is for authorization of an
authenticated user to log in as an
administrator or to log in to a user
account.
authenticated user to log in as an
administrator or to log in to a user
account.
If no Base DN for groups is specified,
then the Base DN for accounts will be
used for both groups and accounts.
used for both groups and accounts.
Checking the LDAP Server Connection Status
The status of the connection to LDAP server is displayed at the bottom of the page.
State = Active
No error messages are displayed.
State = Failed
The following error messages may be displayed:
Error message
Reason / resolution
DNS unable to do reverse lookup
Reverse DNS lookup is required for SASL authentication.
DNS unable to resolve LDAP server
address
address
Check that a valid DNS server is configured, and check the spelling of the
LDAP server address.
LDAP server address.
Failed to connect to LDAP server.
Check server address and port
Check server address and port
Check that the LDAP server details are correct.
Failed to setup TLS connection.
Check your CA certificate
Check your CA certificate
CA certificate, private key and server certificate are required for TLS.
Failure connecting to server. Returned
code<return code>
code<return code>
Other non-specific problem.
Invalid Base DN for accounts
Check Base DN for accounts; the current value does not describe a valid
part of the LDAP directory.
part of the LDAP directory.
Invalid server name or DNS failure
DNS resolution of the LDAP server name is failing.
Invalid bind credentials
Check Bind DN and Bind password, this error can also be displayed if
SASL is set to DIGEST-MD5 when it should be set to None.
SASL is set to DIGEST-MD5 when it should be set to None.
277
Cisco TelePresence Video Communication Server Administrator Guide
User Accounts