Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1447
Views
24
Helpful
6
Replies

TMSPE "User Import"

Go to solution
fantasy24
Level 1
Level 1

‎09-06-2012 10:35 PM - edited ‎03-17-2019 11:44 PM

Hi All,

There are few things I would like to clarify. Please assist.

In TMS PE, the software have 3 selections for User Import.

1. Active Directory

2. Active Directory w Kerberos

3. LDAP

Questions:

1. If I am using Windows 2008 AD, which selections should I choose? (Cisco TAC told me that Active Directory is Windows LDAP. Is that true?)

2. For 3 of the selections, will the password imported as well to the TMS PE?

3. For the synchronization, it will syncronize automatically or manually for all the choices above?

Appreciate your kind assistance here.

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Magnus Ohm
Cisco Employee
Cisco Employee

‎09-06-2012 11:23 PM

Hi

1. Choose Active Directory, unless you have setup your AD with kerebos authentication. If not or you don't know, choose Active Directory.

You can say that Active Directory is Windows LDAP yes. Active directory provides a store for directory data and utilizes LDAP (Lightweight Directory Access Protocol) (v2,v3,kerebos and DNS).

2. No the password will automatically be generated once the user has been imported to the provisioning directory. If you want the users to authenticate to AD you have to set this up on the VCS under "Authenticating Devices" and find the Active Directory configuration (X7.2). Once the users logs in the VCS forwards the request to your AD which will authenticate the request.

3. It will synchronize once every 24 hours. This is not editable and is a fixed time.

/Magnus

View solution in original post

6 Replies 6

Go to solution
Magnus Ohm
Cisco Employee
Cisco Employee

‎09-06-2012 11:23 PM

Hi

1. Choose Active Directory, unless you have setup your AD with kerebos authentication. If not or you don't know, choose Active Directory.

You can say that Active Directory is Windows LDAP yes. Active directory provides a store for directory data and utilizes LDAP (Lightweight Directory Access Protocol) (v2,v3,kerebos and DNS).

2. No the password will automatically be generated once the user has been imported to the provisioning directory. If you want the users to authenticate to AD you have to set this up on the VCS under "Authenticating Devices" and find the Active Directory configuration (X7.2). Once the users logs in the VCS forwards the request to your AD which will authenticate the request.

3. It will synchronize once every 24 hours. This is not editable and is a fixed time.

/Magnus

Go to solution
fantasy24
Level 1
Level 1
In response to Magnus Ohm

‎09-07-2012 12:03 AM

Thanks Magnus.

One more question.

Can I choose "LDAP" selection against Windows 2008 AD server?

0 Helpful

Go to solution
Magnus Ohm
Cisco Employee
Cisco Employee
In response to fantasy24

‎09-07-2012 12:23 AM

The requests are not the same therefore we have different options to what kind of request that is sent. I'm not sure if its impossible to connect to AD setting it to LDAP, but since there is a specific field for AD you choose this when you are planning to import users from Active Directory.

LDAP i assume is for OpenLDAP in example..

I tried in my lab to use the LDAP option for my AD connection but it failed. I have not looked any further into this but for Active Directory you choose the Active Directory option

/Magnus

Go to solution
fantasy24
Level 1
Level 1
In response to Magnus Ohm

‎09-07-2012 12:57 AM

Thanks lot for the clarification.

0 Helpful

Go to solution
josepaulopetry
Level 1
Level 1
In response to Magnus Ohm

‎02-26-2013 03:41 PM 

Magnus Ohm escreveu:
2. No the password will automatically be generated once the user has been imported to the provisioning directory. If you want the users to authenticate to AD you have to set this up on the VCS under "Authenticating Devices" and find the Active Directory configuration (X7.2). Once the users logs in the VCS forwards the request to your AD which will authenticate the request.

So i cant authenticate to AD using TMS?

If i configure the authentication in VCS, can i still use TMS to manage users?

0 Helpful

Go to solution
aborodai
Level 1
Level 1
In response to josepaulopetry

‎02-27-2013 12:05 AM

Hi,

No, TMS only manage users. So, basically, you can cretate, update, import and delete users in TMS then TMS sends this information to the VCS and thats all.

When you connect with Jabber/Movi to the VCS it works in this way:

Jabber->VCS->ActiveDirectory Authentication(If you enable this in VCS)

If not, TMS sends User information with passwords to tne VCS and it looks like:

Jabber->VCS(Local Database)

Best Regards,

Artem Borodai

Customers Also Viewed These Support Documents