Information Technology Reference
In-Depth Information
CUC can import users from a number of different vendors' implementations of LDAP.
These user accounts are held and maintained in the LDAP system, with certain fields (at-
tributes) copied as read-only entries to the CUC database. User authentication can be op-
tionally redirected from the local CUC database to the LDAP system as well.
To enable LDAP synchronization, follow these steps:
1.
In the CUC Cisco Unified Serviceability interface, navigate to
To o l s
>
Services
.
2.
Select the
DirSync
service and click
Save
.
3.
In the CUC Administration interface, navigate to
System Settings
>
LDAP
>
LDAP Setup
.
4.
Check the
Enable Synchronizing From LDAP Server
checkbox.
5.
Choose the
LDAP Server Type
from the drop-down.
6.
In the
LDAP Attribute for User ID
drop-down, select the LDAP attribute that will
be mapped to the CUC Alias attribute. The selected attribute in LDAP must contain
data, and the data must be unique. User accounts without data in the selected attrib-
ute will not be imported.
7.
Navigate to
LDAP
>
LDAP Directory Configuration
.
8.
Enter an
LDAP Configuration Name
. It is recommended to use a name that identifies
the users are being imported, especially if multiple User Search Bases are configured.
9.
Enter the
LDAP Manager Distinguished Name
and
LDAP Password
: This is the
LDAP account and password that CUC uses to read and import the LDAP database.
10.
Enter the
LDAP User Search Base
: This entry defines the point at which CUC will
begin reading the LDAP database. Most LDAP designs are hierarchical tree struc-
tures; CUC starts the LDAP search at the point in the tree specified by the User
Search Base and can read down all branches of the tree. It cannot move up the tree
from that point, nor can it cross to other branches. CUC can only integrate with a sin-
gle LDAP database. If the administrator does not know the LDAP design or the cor-
rect syntax for the User Search Base, he should contact the LDAP administrator to
confirm what should be entered. An example search base might be cn=Users,
DC=cisco, DC=com.
11.
In the
LDAP Directory Synchronization Schedule
section, choose to
Perform Sync
Just Once
if you do not want to have CUC perform a regular sync. Choosing this op-
tion will cause CUC to only refresh and update current user information; it will not
import any new users created since the agreement was last synchronized. A new User
Import must be performed to create those users in CUC.
12.
To have CUC synchronize on a regular scheduled basis, set the
Perform a Re-sync
Every
interval as desired.
13.
To configure the mappings between LDAP attributes and CUC user database attrib-
utes, set the desired values in the
User Fields to Be Synchronized
section. Different
fields will be changeable, with different field names listed depending on the LDAP
type/vendor selected.
