MeetingPlace Express 2 LDAP Integration

Unanswered Question
Dec 5th, 2008
User Badges:

I am attempting to integrate a new meetingplace express solution with Active Directory. Our CallManager 4.2(3) cluster is already integrated with AD and working as expected. I am struggling with what exactly it is that I need to populate the fields with in the LDAP integration section. I have read through all of the guides, they are either too vague for me or are using language I guess I don't understand.


My understanding is that when configured correctly, meetingplace express will actually forward all authentication attempts to CallManager, which will then forward them over to Active Directory.


The domain I am attempting to integrate with is uullc.net


The CCM Publisher is 172.16.250.10


The Domain Controller is 172.16.254.10


Looking at the LDAP section of the meetingplace express admin webpage I have the following fields currently populated as such:


Cisco Unified CallManager version - 4.x


LDAP URL - ldap://172.16.250.10:8404/


Directory username - cn=CCM Administrator,cn=Users, dc=uullc,dc=net


Password - password for above account


Cisco base - blank as per documentation


User base - cn=Users, dc=uullc,dc=net


Directory type - ADS


Now I have tried many permutations in the above fields, such as switching out the ldap url IP with that of the domain controller, and/or changing the port number to 389. I am also unsure which account I should be trying to use in the Directory username field.


If anyone out there could shed some light on the subject to me with regards to syntax for the above fields, or perhaps enlighten as to what it is that meetingplace express actually wants me to put there it would be great.


Also once the fields have been populated correctly, what exactly do I need to do in order to get the AD user accounts imported into meetingplace? Will it happen automatically, or will I need to do some sort of export/import with csv files?


I've included a screenshot of the LDAP section to make it easier to see what I'm talking about.


Thanks,


Dan Bender



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Ginger Dillon Thu, 12/18/2008 - 16:03
User Badges:
  • Blue, 1500 points or more

Hi -

The port 8404 you specified for the LDAP URL is for CallManager DC directory. Use port 389 for AD since you are specifying the IP address of your domain controller. Therefore you want ldap://172.16.250.10:389/

P.S. When you get to CUCM version 5.X and above, you can create an AXL application user in CUCM and use this for your MPE integration (much easier).

Ginger

dandrools Thu, 12/18/2008 - 16:17
User Badges:

Yeah I've done the integration between MPX and CCM 6 before. Don't get me started on upgrading, I've told the higher ups it needs to be done they just don't listen.


Assuming the url was all that I had wrong (to be complete I've tried a number of permutations on the various fields and I know I've tried it where the ldap url had port 389 instead of 8404), what are the next steps as far as actually getting the AD user accounts to show up in MPX? Do I need to go through some sort of import process or should they automagically appear after a short time is given for MPX to bring itself up to date? I can't remember what I did before at this point to get the accounts from CCM 6 to show up.


For now I've made the suggested change but all I see when I look in the user profile section are the same ones that we temporarily configured for those that needed to be able to schedule meetings. Do I need to specify the IP address of the domain controller or CallManager in the ldap url?


I'll give it a reboot and see what happens.

Ginger Dillon Fri, 12/19/2008 - 09:38
User Badges:
  • Blue, 1500 points or more

Hi -

We have CUCM 6.X synching with AD nightly. This allows for newly created accounts to be readily available within 24 hours. Of course, you can perform a manual resynch any time. I would make sure this has been done first. For CUCM 6.X, end users MUST have the Primary extension coded for MPE to work as well as CCMUser webpage. Have the user go to the MPE login page and login with his or her AD account and password. The initial login will prompt the user to update his profile. Mainly the user just needs to add his phone extension for MPE to know who to call. I attached our user profile instructions in case you'd like to use them.

Regards, Ginger



Actions

This Discussion