cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

AMA-CUCM Troubleshooting: Best Practices for Reading Trace Files

231
Views
0
Helpful
1
Replies
Highlighted
Contributor

CUCM 7.1.3 - AD Integration

Hi,

I have seen a document for CUCM giving the MINIMUM AD rights that are required by the service account to connect the CUCM for user accounts and authenication but have spent the last day looking for it again and can't find it for the life of me.

If anyone knows where the document is OR the minimum AD rights, I would really appreciate it.  I am putting a system in and the customer want the mimimum access granted for this account.

Thanks in advance for your help.

John

Everyone's tags (3)
1 REPLY 1
Rising star

CUCM 7.1.3 - AD Integration

Hi John,

Design Considerations for LDAP Authentication

Observe the following design and implementation best-practices when deploying LDAP authentication with Cisco Unified CM:

Create a specific account within the corporate directory to allow Unified CM to connect and authenticate to it. Cisco recommends that you use an account dedicated to Unified CM, with minimum permissions set to "read" all user objects within the desired search base and with a password set to never expire. The password for this account in the directory must be kept in synchronization with the password configuration of the account in Unified CM. If the account password changes in the directory, be sure to update the account configuration in Unified CM. If LDAP synchronization is also enabled, you can use the same account for both functions.

From the LDAP section of the SRND:  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/directry.html

HTH,

Chris

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards