sign Considerations for LDAP Authen

sign Considerations for LDAP AuthenticationObserve the following design and implementation best practices when deploying LDAP authentication with the Cisco Unified CM:• Create a specific account within the corporate directory to allow Unified CM to connect and authenticate to it. Cisco recommends that you use an account dedicated to Unified CM, with the minimum permissions set to "read" all user objects in the desired search base and with a password set to never expire. The password for this account in the directory must be kept in sync with the configuration of the account password in the Unified CM. If the account password changes in the directory, be sure to update the account configuration in Unified CM. If the LDAP synchronization is also enabled, you can use the same account for both functions.• Enable LDAP authentication on Unified CM by specifying the credentials of the aforementioned account under LDAP Distinguished Name and the LDAP Manager Password, and by specifying the directory where all the users subtree reside under LDAP User Search Base.• This method provides single logon functionality to all end users: when they log in to the Unified CM User Options page, they can now use their corporate directory credentials.• Manage end-user passwords from within the corporate directory interface. Note that the password field is no longer displayed in the Unified CM Administration pages when authentication is enabled.• Manage end-user PINs from the Unified CM Administration web pages or from the Unified CM User Options page.• Manage Application User passwords from the Unified CM Administration web pages. Remember that these application users, facilitate communication and remote call control with other Cisco Unified Communications applications and are not associated with real people.• Enable single log for administrators by adding CM Unified their end user corresponding to the Unified CM Super Users user group from the Unified CM Administration web pages. Multiple levels of administrator rights can be defined by creating customized user groups and roles.

sign Considerations for LDAP Authentication Observe the following design and Implementation Best-practices When Deploying LDAP Authentication with Cisco Unified CM: • Create A specific Account Within the corporate Directory to allow Unified CM to Connect and authenticate to it. Cisco recommends that you use an account dedicated to Unified CM, with minimum permissions set to "read" all user objects within the desired search base and with a password set to never expire. The password for this account in the directory must be kept in synchronization with the password configuration of the account in Unified CM. If the account password changes in the directory, be sure to update the account configuration in Unified CM. If LDAP synchronization is enabled Also, you can use the Same Account for both functions. • Enable LDAP Authentication on Unified CM by Specifying the credentials of the aforementioned Account Under LDAP Manager Distinguished Name and LDAP Password, and by Specifying the Directory subtree WHERE all the users reside Under LDAP User Search Base. • This Method Provides Single Logon Functionality to all end users: When They Log in to the Unified CM User Options Page, They can now use Their Directory corporate credentials. • Manage end-User Passwords from Within the corporate directory interface. Note That the password field is No longer Displayed in the Unified CM Administration Pages When Authentication is enabled. • Manage end-User PINs from the Unified CM Administration Web Pages or from the Unified CM User Options Page. • Manage Application User Passwords from the Unified CM Administration web pages. Remember That These Application users Facilitate communication and Remote call control with Cisco Unified Communications Other applications and are not associated with Real people. • Enable Single Logon for Unified CM administrators by adding Their Corresponding end User to the Unified CM Super Users User Group from the Unified CM Administration web pages. Multiple levels of administrator rights can be defined by creating customized user groups and roles.

Sign Considerations for LDAP Authentication

observe the following design and implementation best-practices when deplоying LDAP authentication with Cisco Unified CM:lord •create a specific account within the corporate directory to allow Unified CM to connect and аuthentiсаte to it. Cisco recommends that you use an account dedicated to Unified CM,With minimum permissions set to "read" all user objects within the desired search base and with a password set to never expire. The password for this account in the directory must be kept in synchronization with the password configuration of the account in Unified CM If the account password changes in the directory, be sure to update the account configuration in Unified CMIf LDAP synchronization is also enabled, you can use the same account for both functions.lord •Enable LDAP authentication on Unified CM by specifying the сredentiаls of the аfоrementiоned punkta LDAP account manager LDAP Distinguished Name and Password, and by specifying the directory expand subtree where all the users reside under LDAP user search base.

•This method more detailed single logon functionality to all end users: when they log in to the Unified CM User Options page, they can now use their corporate directory сredentiаls.lord •manage end-user passwords from within the corporate directory interface. Note that the password field is no longer displayed in the Unified CM administration pages when authentication is enabled.

•Manage end-user pins from the Unified CM Administration web pages or from the Unified CM User Options page.lord •manage application user passwords from the Unified CM Administration web pages. Remember that these application users fасilitаte communication and remote call control with other Cisco Unified Communications applications and are not is underlined with real people.

•Enable single logon for Unified CM administrators by adding their should end user to the Unified CM Super Users user group from the Unified CM Administration web pages. Multiple levels of administrator rights can be defined by creating votes сustоmized user groups and roles.