cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
517
Views
0
Helpful
4
Replies
afadeyev1
Beginner

Jabber - AD authentication account creation

This is very simple question  for those of you who already implemented it, but I can't find a defenetive answer in any user guides.

Currently, I'm running TMS-VCS-Jabber infrustructure with accounts manually created on TMS. There is a desire to move to AD authentication.

From what I understand, the 2 available options are:

1. Export users from AD to TMS and provision them with manualy created passwords.

2. VCS to AD direct authentication.

So, my question is - how do I limit\designate what users from AD are authorised to use Jabber when using option #2.

Is there an atrubute in AD that need to be set? Only some people in our Enterprise need access to it.

Thank you.

Alex.

1 ACCEPTED SOLUTION

Accepted Solutions

When you import users into TMS from AD, you can set search criteria to only import certain groups, or people.  That might help in limiting who you allow to use Jabber Video, as the VCS takes the provisioned information from TMS.

View solution in original post

4 REPLIES 4

When you import users into TMS from AD, you can set search criteria to only import certain groups, or people.  That might help in limiting who you allow to use Jabber Video, as the VCS takes the provisioned information from TMS.

View solution in original post

Ok. That was my understanding, I just want the confirmation that dealing with AD people is inevitable.

Also, it means, more job for them - less for me. Thank you for quick answer.

Yeah, when your on the provisioning page for users, there is an Import option, and you would enter the search filter there when selecting AD as your type to perform the import from.

When TMS imports users, it will auto generate random passwords based on the setting here if you're running TMSPE:

Administrative Tools > Configuration > Provisioning Extension Settings > User Repository

If you're using TMS Agent Legacy, the generated password setting is located in the import settings on the provisioning page where you manage users.

You then have to enabled the Active Directory Service on your VCS:

VCS configuration > Authentication > Devices > Active Directory Service

cody.haiden
Enthusiast

Configuring AD authentication for Jabber was a big success for our users and helped take a lot of management off of our hands.  I would suggest filtering by AD group, that way you have some control over which users get Jabber accounts.  To do this, you could use the filter below.  It would create a Jabber account for any user that is a member of the JABBER-USERS group which is located in contoso.com > USA > groups.

((memberOf=cn=JABBER-USERS,ou=groups,ou=USA,dc= contoso,dc=com))

Hope this helps!

Content for Community-Ad

Spotlight Awards 2021