cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
600
Views
0
Helpful
9
Replies
Nick Boylan
Beginner

Jabber pre-configuration parameter

In the latest Jabber administration guide WRT pre-configuration of the client during install (page 11), there is a parameter that can be set to create a URL for the user if they wish to retrieve their password. This is defined as:

jabber.JPG

However, I cannot find any reference to where this URL might actually point toward.

We can obviously generate an email as administrators to send to a user or group that specifies their password, however, it would nice if a user could be pointed to a location where they could retrieve or reset this themselves.

Thank you

9 REPLIES 9
Paulo Souza
Rising star

Hi friend,

Try to use this URL:

https:///tmsagent/tmsportal/#settings


Regards

Paulo Souza

Please rate replies and mark question as "answered" if applicable.

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Unfortunately this does not work for us. It appears as though the link (https:// name/IP_address>/tmsagent/tmsportal/#settings) is a reference more toward the legacy TMS Agent provisioning feature of TMS. We are using TMS v14.2.2 with TMSPE v1

Although I can see a virtual directory in IIS for “tmsagent” in the default web site, there is nothing in the virtual folder that references tmsportal - hence I get a 404 page not found error.

Hi Nick,

This is the same URL used for TMSPE. That URL points to FindMe user portal. On this portal, users can change their provisioning password and another settings, however I really didn't find an option to retrieve password .

You must to have FindMe feature enable on TMS to have this page available, use this link:

http://X.X.X.X/tmsagent/portal/login.jsp

See:

This is the only page I know where end users can configure provisioning settings, as far as I know, there is no another page. Therefore, I think this paremeter you found may be used in a future version and it is not available, I cannot say it for sure.

Use local accounts or Ldap accounts to login in this page.

Regards

Paulo Souza


Please rate replies and mark question as "answered" if applicable.

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

No, thats actually a site for TMSPE.

But lets hust make a logic check.

TMSPEs webinterface makes only sense using AD authentication, but you should have other password handling

routinges in place if you use AD, ...

You can have other password handling methods (like your own ldap server with your own

password discovery function).

There are also external methods besides TMS provisioning, there are some parameters in the

provisioning which more or less aim for non TMS provisioning deployments or deployments

which use more than what TMS / VCS can deliver out of the box.

Nick, I d not knock your deployment, but maybe looking in AD authentication could be something worth investigating.

Please remember to rate helpful responses and identify

Hi Martin,

But lets hust make a logic check.

TMSPEs webinterface makes only sense using AD authentication, but you should have other password handling

routinges in place if you use AD, ...

You can have other password handling methods (like your own ldap server with your own

password discovery function).

As far as I know, when integrating TMS provisioning to LDAP, only the accounts are imported, LDAP passwords are not imported or used for jabber authentication. So the users will have a provisioning password defined in TMS regardless of the LDAP password. As I understand, what Nick needs is a method to retrieve provisioning password. This behavior exists in TMS 13, and I really believe it has not been changed for TMS 14. Please, correct if I am wrong.

Nick,

If you use LDAP to import the users accounts for provisioning, you will be able to use LDAP authentication to login into FindME portal page (TMS Server must to me a member of the domain), and through this page, the users are going to be able to change their provisioning password even if they forget their provisioning password.

Regards

Paulo Souza


Please rate replies and mark question as "answered" if applicable.

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Hey Martin/Paulo, this is actually for us.

We can't use AD as we support multiple organisations - not a single domain. At the moment, provisioned users are manually added () into the User provisioning. We're not talking about users added to the local TMS. In addition, findme is available, it is not available on all VCSs. Maybe some organisation will allow an LDAP lookup to allow a more automated population of these provisioned groups, but my feeling is that this just anit going to happen - and even then, I'm not sure if TMS can handle different lookups from different organisations (although I think this maybe OK for provisioned users, although adding actual users to TMS can only be from one AD.

So, the passwords are simply those setup in TMS for each provisioned user. Are you saying that there is no way that these users can actually set/reset or just retrieve their own password in TMS as it stands?

Basically, users are constantly told that that should not act on password sent to them that they haven't requested - yet it seem that ONLY way to do this to provisioned users (non AD or LDAP) in TMS IS to push out password, then the users can't even change them. Am I missing something? DOn't tell me that this is going to be a "feature request"?

Chris

So, the passwords are simply those setup in TMS for each provisioned user. Are you saying that there is no way that these users can actually set/reset or just retrieve their own password in TMS as it stands?

There is a way, but the only page where by the users can handle their provisioning passwords is the FindMe portal. But to log in to FindMe portal, you must to have a local account created on Windows (if your TMS is not a member of a domain) or Ldap account (if your TMS is a member of a domain). This is a problem to you, you cannot set TMS under a domain because you support multiple organizations. And you cannot use local accounts on TMS Windows because it has no sense here.

Sorry, I cannot point a solution for that. I guess that this scenario could be better if TMS had its own users database regardless to Windows and Ldap authentication, and also a page where the user could handle his own passwords and configurations. Or if TMS had ability to authenticate the users to different Ldap systems without having to put the server under the domain. CallManager can point to different Ldap systems and the users can log in to ccmuser page using their Ldap credentials, through this page they can handle their PIN and another configurations. But TMS cannot.

Basically, users are constantly told that that should not act on password sent to them that they haven't requested - yet it seem that ONLY way to do this to provisioned users (non AD or LDAP) in TMS IS to push out password, then the users can't even change them. Am I missing something? DOn't tell me that this is going to be a "feature request"?

Chris

If you don't have Ldap integration, you really has no option to allow the user to handle his provisioning password by himself. Sorry, it really seems to be a feature request.

Paulo Souza

Please rate replies and mark question as "answered" if applicable.

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Oh Dear, but Oh well,

Nick, I think you know whats comming!

This is what I have asked as a featyre request:

Essentially, as we operate across many institution borders a single global videoconferencing network, I can’t see that we would be able to employ AD to import users into TMSPE. There is the possibility of LDAP lookup (which could be secured via SSL or some such), but I highly doubt this would happen as well. In addition, I’m not sure if it would even be possible to put multiple LDAP lookups to different User Groups with TMSPE. So, we are forced to add users manually to TMSPE.

It seem that the “forgot password” URL should be something like ‘https:///tmsagent/tmsportal/#settings’, however, we simply get a page 404 error – there is no folder (virtual or otherwise) or site under the /tmsagent folder called “tmsportal”. We do have FindMe set up on TMS, although there is only one licence VCS that currently uses the service. From what I read, it seems that this ability for a user to reset their password is limited to those that have been imported user AD or LDAP!!!!! This means that users CANNOT set, reset or retrieve their password from TMS without us as administrator getting involved, and essentially the user have to tell us as administrator what they want their password to be. This is plainly ridiculous.

TMS needs to provide a way for TMSPE user to be able to set/reset/retrieve their password (and even update basic info) without them being required to be added as a user of the TMS server, or have to have the TMSPE users to be imported via AD/LDAP.

In addition, it would be nice to be able to provide a simple file based import, as is the case with phone book entries.

Hi swinster,

Thank you for your feedback. Your need is a great "lack" on TMS, I have seen many companies demanding the same feature.

Nick, could you provide some feedback on this post? Have we answered your doubts?

Paulo Souza

Please rate replies and mark question as "answered" if applicable.

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".
Content for Community-Ad

Spotlight Awards 2021