cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3896
Views
10
Helpful
6
Replies

CUCM and Microsoft Azure Active Directory

dan.hornbeck
Level 1
Level 1

Sorry if this has been asked before. A search of the forum didn't bring up any results related to this exactly.

I'm curious if anyone has any experience configuring CUCM (ver 10.5) for LDAP synchronization and authentication with Microsoft's hosted Active Directory platform Azure? I see a lot of discussions online about hosting the VMs in Azure but my deployment is calling for customer premise hosted CUCM with cloud-based Active Directory.

Possible? Impossible? Limitations or issues?

Thanks,

1 Accepted Solution

Accepted Solutions

Jaime Valencia
Cisco Employee
Cisco Employee

The latest docs for 11.5 do not show that as a valid option

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/11_5_1/sysConfig/11_5_1_SU1/cucm_b_system-configuration-guide-1151su1/cucm_b_system-configuration-guide-1151su1_chapter_0100101.html

As such, officially, it's not supported. However, assuming that's just a cloud AD, as you would have on-prem, it *might* work. But since it has not been tested, there's no way to tell if/what issues/limitations you might face.

HTH

java

if this helps, please rate

View solution in original post

6 Replies 6

Jaime Valencia
Cisco Employee
Cisco Employee

The latest docs for 11.5 do not show that as a valid option

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/11_5_1/sysConfig/11_5_1_SU1/cucm_b_system-configuration-guide-1151su1/cucm_b_system-configuration-guide-1151su1_chapter_0100101.html

As such, officially, it's not supported. However, assuming that's just a cloud AD, as you would have on-prem, it *might* work. But since it has not been tested, there's no way to tell if/what issues/limitations you might face.

HTH

java

if this helps, please rate

Thanks Jaime

I have an additional question, I want to know if the WSA appliance support Azure cloud Active directory to create a second realm this is because of using credential encryption authentication in transparent mode and some users are moving to Azure AD cloud service.
Thank you
Ambrosio Vega
CCIE 1965

And just to add in here, SSO with Microsoft Azure is specifically NOT supported due to a number of issues.  They are on Cisco's radar, but there is no timeframe currently.  A reasonable timeframe may be in the 12 to 24 month range.  If you aren't attempting to do SSO, this isn't an issue, but if so, be aware....

Dear Clifford,
Thank you for your response, I understand but in case the users have to move to Azure cloud AD service before12 months. Do you recommend to use umbrella for web filtering?

I don't really have a suggestion.  I've had several clients ask about this, but none have moved forward at this point. 

As a consultant, I have found that usually when the implementation of this type stuff happens, the security team at the client wants to do it themselves (i.e. I don't get to do or even watch).  I just wanted to make sure folks were aware of the limitation(s) as they are currently.