Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2457
Views
0
Helpful
3
Replies

Webex LDAP Authentication

Daniel Flieth
Level 1
Level 1

‎08-09-2016 03:04 AM - edited ‎03-17-2019 06:17 PM

Hi,

we use LDAP Authentication for our CWMS Server. I guess all authentication requests are processed by CUCM Publisher (in wirewshark traces i can see that the CWMS only talk to Publisher, not to ldap directly.)

But how can we login to CWMS as a user when the publisher is down?

Best Regards

Daniel

Labels:
0 Helpful
3 Replies 3

dpetrovi
Cisco Employee
Cisco Employee

‎08-09-2016 04:58 AM

Hi Daniel,

If you are using Directory Integration and have LDAP Authentication enabled on CWMS, all authentication requests are processed by CUCM (via AXL). If CUCM configured in CWMS is not accessible, authentication will fail as no passwords are stored on CWMS.

Only Admin accounts that are created on CWMS and have a local password set will be able to log in.

If your CUCM will be unavailable for a long time, you can go to CWMS Administration > Users > Directory Integration and disable LDAP Authentication. Then, each user will have to setup a local password on CWMS in order to log in.

Please, let me know of any additional questions you might have.

Kind regards,

-Dejan

0 Helpful

Daniel Flieth
Level 1
Level 1
In response to dpetrovi

‎08-09-2016 06:01 AM

Hi Dejan,

thank you for your reply. This means there is no redundancy mechanism if cucm pub is down. If CUCM pub is down and users want to login to webex meeting we need to change the configuration in cwms to subscriber? Is this correct?

Best Regards

Daniel

0 Helpful

dpetrovi
Cisco Employee
Cisco Employee
In response to Daniel Flieth

‎08-09-2016 07:33 PM

Hi Daniel,

So, if in your CUCM cluster you have multiple servers running AXL service, this is kept in CUCM database.

When CWMS connects to the CUCM server configured for Directory Integration, on that first connection, CUCM server provides the list of all the servers running AXL service in the cluster and that list is populated in CWMS. 

This list is updated at every directory sync.

If for some reason, configured CUCM server goes down, CWMS will use the existing list of AXL service providers and will send authentication requests to those other servers. 

With that in mind, if other CUCM servers running AXL service are available, authentication should continue to work.

I hope this helps.

-Dejan

0 Helpful
Customers Also Viewed These Support Documents