Polycom Welding System 3725-77601-001H Manual Do Utilizador
Polycom CMA System Operations Guide
358
Polycom, Inc.
• Security: Local accounts have their own passwords, which are stored on
the CMA system. Active Directory user accounts maintain the same users'
Active Directory credentials and password complexity policies, which are
validated by the domain controllers.
How Global Catalog Searches Work
When you integrate the CMA system with Active Directory, you can configure
it to integrate in one of two ways:
• It can access a specific global catalog server by host name or IP address
• It can access a specific global catalog server by host name or IP address
(not recommended, due to a lack of redundancy).
If you select this option, the domain name that you specify for the CMA
If you select this option, the domain name that you specify for the CMA
system must match the DNS name suffix of the Global Catalog server
(example: dc1.polycom.com configured as the Global Catalog, then you
must enter polycom.com as the domain name of the CMA system server).
• It can auto-discover the server by querying the DNS for the closest Global
Catalog server (strongly recommended).
If you select this option, you can specify any domain in the Active
If you select this option, you can specify any domain in the Active
Directory forest in the Domain Name criteria for the CMA system server.
The DNS server must contain Active Directory-specific entries.
It is recommended that you enter the forest root DNS domain name.
It is recommended that you enter the forest root DNS domain name.
When configured to auto-discover the server, every time the CMA system
needs to bind to a Global Catalog server for LDAP queries, the CMA system
performs the following.
• Uses Microsoft's LDAP Ping mechanism to determine the site in which the
• Uses Microsoft's LDAP Ping mechanism to determine the site in which the
system is located.
• Uses a DNS SRV record query to find a Global Catalog server within the
same site.
• Connects to the Global Catalog on the domain controller and queries for
the object in question and any relevant information (such as GUID, userID,
name, phone number).
You can secure the connection between the CMA system and the Active
Directory server's Global Catalog using LDAP-S (via outbound TCP/UDP
port 3269) or Start TLS (via outbound 3268 TCP/UDP). To implement the
secure connection, the appropriate ports must be open on any network
equipment between the Global Catalog and the CMA system.