Cisco Jabber can search Microsoft Active Directory or Open LDAP directories for contact information.
Requirements for Integration with Corporate Directory:
Use one of the following for Lightweight Directory Access Protocol (LDAP):
- Microsoft Active Directory 2003
- Microsoft Active Directory 2008
- Open LDAP (with some limitations)
Restriction for Active Directory:
- Phone numbers must be unformatted.
- Global Catalog must be enabled.
- Replicate all the Active Directory attributes that Jabber must access to the Global Catalog servers. Otherwise, Jabber cannot access the attribute information on the default port. See how to modify attributes to replicate to the Global Catalog.
Procedure:
| Step 1 | Sign in to the Unified CM Administration portal. |
| Step 2 | Navigate to the Cisco Dual Mode device page for the user. |
| Step 3 | In the Product Specific Configuration Layout section, enter the iPhone country code. This information helps determine the Caller ID. |
| Step 4 | Enter LDAP User Authentication settings: - If credentials are not needed to access directory services, select Disabled.
- If users must enter credentials to access directory services, select Enabled.
|
| Step 5 | Enter LDAP username and password: - Enter credentials for a single read-only account that all users use to access Active Directory. These credentials are sent in clear text in the TFTP file. Users need not enter credentials into Cisco Jabber.
- Enter a username with access to the directory and leave the password blank. You must give the password to each user and tell users to enter the password into the settings in Cisco Jabber.
- If authentication is not required, leave these settings blank.
By default, the LDAP username is the userPrincipalName (UPN) and may be in the form of an email address (userid@example.com). |
| Step 6 | Enter LDAP server address. - Enter the hostname or IP address and port number for your Active Directory server.
- When using the Global Catalog, use port 3269 for secure SSL connections or 3268 for nonsecure connections.
- When using other LDAP servers, use port 636 for secure SSL connections or 389 for nonsecure connections.
Use the format YourDirectoryServer.YourCompany.com:portnumber. By default, if you enter no port or SSL settings, Cisco Jabber attempts an SSL connection to port 3269. For example, directoryserver.cisco.com:3268. |
| Step 7 | Enter the LDAP Search Base using the format: CN=users,DC=corp,DC=yourcompany,DC=com. By default, this application uses the search base that is found in a RootDSE search on the defaultNamingContext attribute. If you need to specify a different search base, enter the Distinguished Name of the root node in your corporate directory that contains user information. Use the lowest node that includes the necessary names. Using a higher node creates a larger search base and thus reduce performance if the directory is very large. | Note | To help determine the optimal search base, you can use a utility such as Active Directory Explorer (available from Microsoft) to view your data structure. |
|
| Step 8 | Enter the LDAP field mappings. LDAP field mappings identify the attributes in your directory that hold the information to be searched and displayed for directory searches. | Note: See the section on LDAP Field Mapping below for more information. |
|
|
| Step 9 | Enter the LDAP photo location, if side loading photo URL. |
| Step 10 | Select Save. |
| Step 11 | On the mobile device, restart Cisco Jabber. If you allowed end-user configuration editing, delete the Directory account on the client and then set up the account again. |
| Step 12 | Step through the wizard until you see the option to enable or confirm the corporate directory account settings. |
| Step 13 | At the option to enable or confirm the corporate directory account settings, tap Yes. |
| Step 14 | Enter the password, if it is not already entered. |
| Step 15 | Select Save, even if you make no changes. |
| Step 16 | Complete the wizard. |
LDAP Field Mapping:
Cisco Jabber for iPhone determines which type of directory server you use by checking whether the defaultNamingContext is defined. If the defaultNamingContext is defined, the app determines that you are using Active Directory. If this value is not defined, the app determines that the system is using another LDAP server.
The table below shows default attributes for Active Directory, other LDAP servers, and Cisco Jabber for iPhone.
Element (Human Readable)
| Jabber Element Name | Default Active Directory Attribute | Default Attribute for All Other LDAP Servers | Your Value, if Different |
Unique identifier | identifier | distinguishedName | distinguishedName |
|
Display name | displayName | displayName | cn |
|
Email address | emailAddress | mail | mail |
|
First name | firstName | givenName | givenName |
|
Last name | lastName | sn | sn |
|
User ID | userid | sAMAccountName | uid |
|
Main phone number | mainPhoneNumber | telephoneNumber | telephoneNumber |
|
Home phone number | homePhoneNumber | homeTelephoneNumber | homeTelephoneNumber |
|
Second home phone number | homePhoneNumber2 | homeTelephoneNumber | homeTelephoneNumber |
|
Mobile phone number | mobilePhoneNumber | mobile | mobile |
|
Second mobile phone number | mobilePhoneNumber2 | mobile | mobile |
|
Direct to voicemail phone number | voicemailPhoneNumber | voicemail | voicemail |
|
Fax number | faxPhoneNumber | facsimileTelephoneNumber | facsimileTelephoneNumber |
|
Other phone number | otherPhoneNumber | telexNumber | telexNumber |
|
Directory photo | photo | jpegPhoto | jpegPhoto |
|
Jabber ID | jabberID | jabberID | jabberID |
|
Job title | jobTitle | title | title |
|
Employee number | employeeNumber | employeeID | employeeNumber |
|
Manager ID | manageruid | manager | manager |
|
Cisco Jabber will display and search the values of the Default Active Directory Attributes when using Microsoft AD. For example, if the user's name is John Smith,
| Element | Jabber Element Name
| AD Attribute
| Value of AD Attribute
|
|---|
| First Name | firstName | givenName | John |
| Last Name | lastName | sn | Smith |
| Main Phone Number | mainPhoneNumber | telephoneNumber | 18005551212 |
If your directory server uses a different attribute than the default values, you must map the Jabber Element Name to the Attribute in your directory. The syntax for mapping is JabberElementName=YourAttribute. For example, if your directory uses the ipPhone attribute as the main phone number, you can map the attribute as mainPhoneNumber=ipPhone. Multiple field mappings can be separted mainPhoneNumber=ipPhone;displayName=nickname .
Reporting Structure:
Jabber will attempt to contruct a reporting structure information for the directory search. The manager ID and employee number entries are required for reporting structure information in directory search results. The default mappings are as follows:
- Active Directory: manageruid=manager; employeeNumber=employeeID.
- Open LDAP: servers are manageruid=manager; employeeNumber=employeeNumber.
If a manager has more than 25 direct reports, Cisco Jabber for iPhone displays only the first 25 reports. The value of a person's manageruid should be the value of the manager's employeeNumber.
Directory Photos:
Directory photos can come from LDAP or side loaded.
The default mapping is photo=jpegPhoto. No additional action is necessary if you do not require a custom mapping. If you require a custom mapping, you can modify the LDAP Field Mappings.
If you want to side load directory photos, populate the LDAP Photo Location, in the CUCM Device Configuration Page, with the URL of photo location. We recommend that you use the variable %%LDAP Attribute%% to represent the LDAP attribute.
Example:
| Note: | You must include the double percent symbols in this string, and they must enclose the name of the LDAP attribute to substitute. |
Cisco Jabber removes the percent symbols and replaces the parameter inside with the results of an LDAP query for the user whose photo it resolves.
For example, af a query result contains the attribute “uid” with a value of “johndoe”, and then a template such as http://mycompany.com/photos/%%uid%%.jpg creates the URL http://mycompany.com/photos/johndoe.jpg. Cisco Jabber attempts to fetch the photo johndoe.jpg when searching for John Doe.
