cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7920
Views
20
Helpful
25
Replies

Ask the Experts: Single Sign-On with Cisco WebEx Meetings Server, Internet Reverse Proxy, and Enterprise License Manager Solutions

ciscomoderator
Community Manager
Community Manager

Ask the Expert About Single Sign-On with Cisco WebEx Meetings Server, Internet Reverse Proxy, and Enterprise License Manager Solutions with Arun KumarWith Arun Kumar

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Single Sign-On (SSO) with Cisco WebEx Meetings Server (Cisco WMS), Internet Reverse Proxy (IRP), and Enterprise License Manager (ELM) solutions.

SSO standards such as Security Assertion Markup Language (SAML) 2.0 provide secure mechanisms for passing credentials and related information between different websites that have their own authorization and authentication systems. SSO enables simplified user authentication and management.

IRP provides public access, enabling users to host or attend meetings from the Internet and mobile devices. Although IRP is optional, Cisco encourages its use because it provides a better user experience for your mobile workforce.

Example question topics include:

  • SSO profiles and SAML 2.0 Identity providers (IdPs) supported in Cisco WMS
  • Basic configuration of IdPs
  • Interaction between IdPs and Cisco WMS
  • Difference between the cloud client implementation and Cisco WMS
  • Meeting access behavior in a split-horizon network topology with SSO
  • How to enable public access to Cisco WMS
  • Cisco WMS ELM operations
  • Cisco WMS ELM compared to other unified communications ELM or standalone ELM and compatibility/inoperability between them

Arun Kumar is a team lead in the San Jose Conferencing Technical Assistance Center. He has over eight years of experience in conferencing technology and specializes in Cisco Unified Meeting Place Express and Cisco WebEx Meeting Server. He joined Cisco in 2010 as an escalation engineer for the Cisco Telepresence group. Before joining Cisco he worked for the UK's third-largest internet service provider Supanet on VoIP technology and the *Nix domain. Kumar holds a master of science degree in computer science from Sikkim Manipal University in India, and he holds CCIE (Voice) and VMware Certified Professional certifications.

Remember to use the rating system to let Arun know if you have received an adequate response.

Arun might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Collaboration, Voice, and Video community Other Subjects subcommunity shortly after the event. This event lasts through Monday May 17, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

25 Replies 25

Mobile Service
Level 1
Level 1

Hi, i tried only with domain - it didn't help.

is it possible to get any logs from the cwms?

Hello Mobile Service,

At this stage I'll advise you to open a TAC case to work though this issue.

Thanks, Arun

Mobile Service
Level 1
Level 1

Hi, unfortunately i've found an interesting note in CWMS administration guide:

Step 5  If displayed, enter the Username and Password credentials for the system to access your corporate mail server.

Emails from the system are sent by admin@. Ensure that the mail server can recognize this user.

this is not convinient, because usually enterprise mail servers won't let user send an e-mail.

are there any wais to change  admin@, and use %username%@enterprise.domain.name?

Hello Mobile Service,

Currenly admin @ user site url is only supported option and %username% can't be used here.

Make sure to enable realy from CWMS IP's (Admin and Web) to email servers and there will be no issues in sending or receiving emails.

You can check logs for mail activity too, check my this thread here for same info:

https://communities.cisco.com/thread/33105?tstart=0

Thanks, Arun

Mobile Service
Level 1
Level 1

In our particular case, we are not allow to relay using   admin@ url.

Mail server - MS Exchange.

Hello Mobile Service,

Please don't allow relay based on from name (if we allow then you can telnet to your exchange if allowed and can send email to anyone uisng this valid from address), instead use CWMS IP's , as CWMS CLI is locked and there is no way someone else can take that CWMS IP and send email to your mail server.

We suggest to use realy based on IP.

Thanks, Arun

Arun,

Tandberg VTC endpoints can integrate with WMS yet or its still on the roadmap?

Thanks,

Anwar

Hi Anwar,

Currently CWMS is not supporting VTC endpoints but there are talks internally between product team to include this to support VTC and CTS endpoints too (WebEx OneTouch). I'll keep you posted with more information.

Thanks, Arun

Thanks Arun!!!

Hi Arun,

What are the advantages of installating ELM seperately?

Thanks,

Vijay

Hi Vijay,

Currently CWMS is not supported with standalone ELM or other UC ELM.

CWMS has it's own embedded ELM server for licensing and same can be accessed from System's page of CWMS admin interface.

Thanks, Arun

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: