In short, you have to have a proper h.350 directory reflecting the provisioning directory, LDAP as the

database type and proper zone auth settings.

To prevent Movi/Jabber to use NTLM set "NTLM protocol challenges" to "off".

That shall do the trick.

Maybe Movi/Jabber need to TMS provide user authentication.

I must complete TMS agent function.add user on TMS-->system-->provision-->direction.VCS can provide user's authentication.

Hi Patrick,

Any need for running both at same time??

Jabber can utilize AD direct or H.350  for authentication purpose. I love AD direct mechanism thats fairly simple to implement and straight forward.

For H.350 you should have all the LDAP information and  schemas to be uploaded in AD.

Thanks

Alok

No reason, I was simply doing a test of each and never disabled them afterward.  I was able to get AD working, but having the domain as part of the username would mean all of our users would need to adjust their logins, something that could be confusing and troublesome for some.  That is why I was trying LDAP, from my knowledge, they wouldn't need the domain correct?  I think what I'm missing is the LDAP schemeas, I'll have to ask our network administrator of the possibility about them being installed, something I didn't know of until now.

Hi Patrick,

Yes, thats required when you used the H.350 directory services lookup from LDAP.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Authenticating_Devices_Deployment_Guide_X7-1.pdf

check the page 15.

Thanks

Alok