cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
475
Views
0
Helpful
1
Replies

CUCM 7.1.3 - AD Integration

johntunks
Level 5
Level 5

Hi,

I have seen a document for CUCM giving the MINIMUM AD rights that are required by the service account to connect the CUCM for user accounts and authenication but have spent the last day looking for it again and can't find it for the life of me.

If anyone knows where the document is OR the minimum AD rights, I would really appreciate it.  I am putting a system in and the customer want the mimimum access granted for this account.

Thanks in advance for your help.

John

1 Reply 1

clileikis
Level 7
Level 7

Hi John,

Design Considerations for LDAP Authentication

Observe the following design and implementation best-practices when deploying LDAP authentication with Cisco Unified CM:

Create a specific account within the corporate directory to allow Unified CM to connect and authenticate to it. Cisco recommends that you use an account dedicated to Unified CM, with minimum permissions set to "read" all user objects within the desired search base and with a password set to never expire. The password for this account in the directory must be kept in synchronization with the password configuration of the account in Unified CM. If the account password changes in the directory, be sure to update the account configuration in Unified CM. If LDAP synchronization is also enabled, you can use the same account for both functions.

From the LDAP section of the SRND:  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html

HTH,

Chris