Hello! This is Video #8 of our CUCM series, which is designed to help viewers understand how to configure the features and functionalities of Cisco Unified Communications Manager, or CUCM. The tutorials will be fast paced and it is recommended to repeat the videos several times along with actual practice of the concepts described. This series will be helpful for aspiring CCNA/CCNP Collaboration candidates to prepare for their certification.

In this video, we will discuss how to configure end users through synchronization with an LDAP service.

References:

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/7x/uc7_0/directry.html

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/8_6_1/ccmcfg/bccm-861-cm/b02ldsys.html

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/11_0_1/sysConfig/CUCM_BK_C733E983_00_cucm-system-configuration-guide/import_users_from_ldap_directory.html

CCNA Training – Resources (Intense)

Notes:

Configure LDAP System

1. Go to System → LDAP → LDAP System.\

2. Tick “Enable Synchronizing from LDAP Server.

3. Specify LDAP Server Type. Choose OpenLDAP or Microsoft Active Directory.

4. Choose “LDAP Attribute for User ID”, uid for OpenLDAP or sAMAccountName for Microsoft Active Directory.

5. Save Configuration.

Configure LDAP Directory

1. Go to System → LDAP → LDAP Directory.

2. Click on “Add New”.

3. Configure “LDAP Configuration Name” by putting any desired name.

4. In the “LDAP Manager Distinguished Name” enter the administrator username. Email format can be used for Active Directory while OpenLDAP format will need to use the standard syntax. (e.g. cn=Manager,dc=pamar,dc=com)

5. Enter the password of the administrator account under “LDAP Password”. Confirm the password.

6. Add in the “LDAP User Search Base” information. This is where the list of users are found in the LDAP directory structure. (e.g. ou=people,dc=pamar,dc=com)

7. Specify the “LDAP Directory Synchronization Schedule”.

8. Make sure the OpenLDAP/ Microsoft Active Directory attributes match with the CUCM attributes under “Standard User Fields to be Synchronized”. You can add additional attributes supported by your choice of LDAP system.

9. Save the Configuration.

10. Click on “Perform Full Synch Now” to synch with the LDAP system. Go to User Management → End User and click on “Find” to check if the LDAP entries have been synched in the CUCM.

Configure LDAP Authentication

1. Go to System → LDAP → LDAP Authentication if authentication is desired to be handled by the LDAP system and not the CUCM.

2. Tick on “Use LDAP Authentication for End Users” checkbox.

3. Enter the “LDAP Manager Distinguished Name”. This is the administrator username of the LDAP.

4. Enter and confirm the “LDAP Password”.

5. Enter the “LDAP User Search Base”. This is where the users are listed in the LDAP directory.

6. Add the LDAP server information. Add more servers if required.

7. Save configuration.

Configure LDAP Custom Filter

1. LDAP Custom Filter is done when specific entries and not all entries are needed to be synched with the LDAP system. For example, only users with username that starts with “employee” will be needed to be synched.

2. To configure filter, specify the Name and the Filter. (e.g. (uid=employee*) )