In the last article “Setting up Cisco Meeting Server – 2”, we covered the high availability and clustering of various components in the Cisco Meeting Server.
In this article, we will discuss CMS Active Directory integration and creating meeting spaces via GUI.
You need the below details to configure the active directory on CMS.
Address: IP address of the LDAP Server.
Name: a label to help identify objects in the API.
LDAP Username/Password: credentials used to connect to the LDAP server.
Port: The network port to use when connecting to the LDAP server.
Secure: When enabled, the connection uses secure LDAP.
Base Distinguished Name: LDAP location where Meeting Server searches for users.
Filter: Search filter that defines which LDAP objects to include in the search.
For each user matched by the above search settings, Meeting Server creates a user in Meeting Server with the Field Mapping expressions the administrator defines. The Mappings can use regex expressions and LDAP property names to construct results based on the imported user’s LDAP values. The commonly used Field Mappings are:
Display Name: Name shown for the user in user searches and directories in Meeting Server.
Username: The username the user use to Log in via web app, the result must be unique for each user
coSpaceNameMapping: Label given to the auto-generated space for that user
These details can be tricky to understand and find. To get the correct details. Here are the below steps.
Go to your Active Directory server > Server Manager > ADSI Edit
Right-click ADSI and connect > Click ok
Locate to CN=Users > Right-click on CN=Administrator > Properties and find the attribute distinguishedName.
This field will be entered as a Username in CMS.
Use password as Administrator password for this user.
Locate any user and go to properties of that user > find attribute “cn”
This will provide you Base Distinguished Name.
This is the folder or the group where all your users reside in.
In the field mappings section, you need to enter the Display Name and Username.
The display name is basically your “cn” attribute which is the First Name and Last name of users.
Make sure to use “$” before and at the end of the attribute.
Example – $cn$
Username is basically your sAMAccountName field or some people call it an AD Canonical name.
This basically represents how are you logging in.
Example – [email protected]
Filter field is the field where you want to import the users based on this attribute.
Once you have entered all details. Click Submit and click Sync now.
Go to Status > Users and you will find all users there.
If I use sAMAccountname, it will import all groups and users in AD which we don’t want.
Be more specific in this field such as sAMAccountname=a*
The above filter imports all users/groups whose name starts with a. You can explore as you want in this.
For the below image I am using the filter as givenName=*
To create spaces for all users imported from AD, enter the Space name parameter.
Example – [email protected]
Click sync now and check spaces created.
Now to make sure your login works, you should have xmpp client and xmpp server srv records on DNS Server. Once you have that check login.
Go to your Webrtc login page and sign in with any user on AD.
Once you signed in, it will display all users in the search list to which you can call.
The above steps cover Cisco Meeting Active Directory Integration and user-based spaces. We hope this article gives you an understanding of the LDAP configuration in the Cisco Meeting Server.
Are you looking for consulting, advisory and professional services to deploy a Collaboration Environment for your organization? Zindagi can help.
Zindagi Technologies is an IT consultancy and professional services organization based out of New Delhi, India. We have expertise in planning, designing, and deployment of collaboration environments, large-scale data centers, Private/Public/Hybrid cloud solutions. We believe in “Customer First” and provide quality services to our clients always.
Sr. Collaboration Consultant