cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
164
Views
0
Helpful
3
Replies
Eli Kagan
Beginner

Where does VCS get passwords from when doing LDAP authentication

I was wondering, if I were to configure VCS to do LDAP authentication while using an Active Directory as LDAP, which passwords would it be using?   Will it authenticate against domain password or will I need to fill in a separate password attribute (which would be cleartext)?

 

 

3 REPLIES 3

Hello Eli -

Are you referring to user accounts (such as admin accounts that login to the VCS), or for devices (such as endpoints)?

If you're talking about authenticating user accounts, than it will use your AD username/password.
Cisco-VCS-Authenticating-Accounts-Using-LDAP-Deployment-Guide-X8-2

If you're talking about authenticating devices/endpoints, than it will use fields in your LDAP that are created by schemas that you download from the VCS and install to your LDAP directory.
Cisco-VCS-Authenticating-Devices-Deployment-Guide-X8-2.pdf

I am actually talking about endpoint authentication.

 

Is it possible to use LDA (H.350) authentication against an AD and use user domain password for authentication?  That is, I do not want to store the password as an attribute but rather have VCS bind to LDAP with the proposed user/password to see whether the user exists or not.  SAme way as it is done by the LDAP module on Apache for instance.

 

 

Christian Drefke
Enthusiast

You would need to enter the password for the bind user you need. For the password challenge you can choose between:

  • Simple Authentication - Password in clear-text send to LDAP server
  • SASL MD5 - Challenge-Response method to setup a secure channel for the password transmission (needs to be supported on your LDAP)

 

In addition to the password challenge you could run an encrypted SSL tunnel for the whole LDAP communication. For this you'll need a certificate trust between VCS and LDAP.

 

Additional information can be found here: http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Authenticating_Devices_Deployment_Guide_X7-2.pdf

Content for Community-Ad

Spotlight Awards 2021