07-12-2016 09:43 AM - edited 03-18-2019 06:08 AM
I have more 500 Video Endpoints and using common credential. i would like add the all VC endpoints in TACACS. Please guide me how to setup.
This setup will help me to track admin-user made changes .
Solved! Go to Solution.
08-09-2016 04:47 PM
With the newer endpoint software versions (CE8.2.0+), the endpoints now supports LDAP user authentication, so everyone could have their own account.
Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.
Please remember to mark helpful responses and to set your question as answered if appropriate.
07-12-2016 04:25 PM
In a large environment such as that, you would usually use the Cisco TelePresence Management Suite (TMS) to manage your devices.
If all of your devices are part of a CUCM, then you could look at using Cisco Prime Collaboration.
Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.
Please remember to mark helpful responses and to set your question as answered if appropriate.
08-09-2016 12:24 PM
Thank you Shashank and Wayne for info.
1.My intention to track who are all made configuration changes on VC endpoints since many people using single user name and password.
2. I have TMS 15.2.x
Regards,
Siva
08-09-2016 01:53 PM
Using a single account for everyone to access the endpoints is a bad choice if you want to monitor who might change it's settings. Since everyone is using the same account, you have no way to know who is who, the only exception is if you went through the endpoint logs for the configuration change in question, then search your network for the user/computer that corresponds to the source IP address that make the change.
I'd change the admin password of the endpoints and not tell anyone but those that really need to know, then make everyone use TMS to manage the endpoints so you can rely on TMS to log any changes made by users.
08-09-2016 04:47 PM
With the newer endpoint software versions (CE8.2.0+), the endpoints now supports LDAP user authentication, so everyone could have their own account.
Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.
Please remember to mark helpful responses and to set your question as answered if appropriate.
08-09-2016 07:17 PM
I forgot LDAP authentication was a new feature with CE8.2. If you do enable LDAP on the endpoint, suggest you also enable audit logging, which will record all user activity and configuration changes, the only downside is you're going to have to go through the endpoint logs which could get quite large. You never mentioned what type of endpoints you have, but if you don't know, CE software is only available on SX10/20/80, DX70/80, MX200/300 G2, and MX700/800.
07-12-2016 07:09 PM
There is no such possibility of using TACACS/Radius authentication or any other type besides the normal user credentials for Cisco Telepresence endpoints.
You can use Telepresence Management Suite (TMS) for centralized management of your endpoints.
03-17-2020 02:04 AM
Hi,
We are looking at implementing LDAP authentication for Video endpoint as a requirement of our IT Governance.
Can you share how did you implement LDAP authentication for Video endpoint, I'm not very familiar with Active Directory. What are those key things to do in AD.
Thank you,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide