Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
4
Replies

Jabber - AD authentication account creation

Go to solution
afadeyev1
Level 1
Level 1

‎02-07-2013 08:07 AM - edited ‎03-18-2019 12:33 AM

This is very simple question  for those of you who already implemented it, but I can't find a defenetive answer in any user guides.

Currently, I'm running TMS-VCS-Jabber infrustructure with accounts manually created on TMS. There is a desire to move to AD authentication.

From what I understand, the 2 available options are:

1. Export users from AD to TMS and provision them with manualy created passwords.

2. VCS to AD direct authentication.

So, my question is - how do I limit\designate what users from AD are authorised to use Jabber when using option #2.

Is there an atrubute in AD that need to be set? Only some people in our Enterprise need access to it.

Thank you.

Alex.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎02-07-2013 09:59 AM

When you import users into TMS from AD, you can set search criteria to only import certain groups, or people.  That might help in limiting who you allow to use Jabber Video, as the VCS takes the provisioned information from TMS.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎02-07-2013 09:59 AM

When you import users into TMS from AD, you can set search criteria to only import certain groups, or people.  That might help in limiting who you allow to use Jabber Video, as the VCS takes the provisioned information from TMS.

0 Helpful

Go to solution
afadeyev1
Level 1
Level 1
In response to Patrick Sparkman

‎02-07-2013 10:03 AM

Ok. That was my understanding, I just want the confirmation that dealing with AD people is inevitable.

Also, it means, more job for them - less for me. Thank you for quick answer.

0 Helpful

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni
In response to afadeyev1

‎02-07-2013 10:12 AM

Yeah, when your on the provisioning page for users, there is an Import option, and you would enter the search filter there when selecting AD as your type to perform the import from.

When TMS imports users, it will auto generate random passwords based on the setting here if you're running TMSPE:

Administrative Tools > Configuration > Provisioning Extension Settings > User Repository

If you're using TMS Agent Legacy, the generated password setting is located in the import settings on the provisioning page where you manage users.

You then have to enabled the Active Directory Service on your VCS:

VCS configuration > Authentication > Devices > Active Directory Service

0 Helpful

Go to solution
cody.haiden
Level 4
Level 4

‎02-08-2013 07:27 PM

Configuring AD authentication for Jabber was a big success for our users and helped take a lot of management off of our hands.  I would suggest filtering by AD group, that way you have some control over which users get Jabber accounts.  To do this, you could use the filter below.  It would create a Jabber account for any user that is a member of the JABBER-USERS group which is located in contoso.com > USA > groups.

((memberOf=cn=JABBER-USERS,ou=groups,ou=USA,dc= contoso,dc=com))

Hope this helps!

0 Helpful
Customers Also Viewed These Support Documents