Hi folks , We're installing a CUPS integrated with user LDAP (MS-AD) to be used by CUPC 7. In the config and maintenance guide at the LDAP profile configuration section in the Bind Distinguished Name (DN) field it's said: "[Optional] Specifies the administrator-level account information limited to 128 characters, and in the form [email protected]. This is the distinguished name with which you bind for authenticated bind".
And just after ,at the Anonymous bind check box : "Note: If you check Anonymous Bind, users can sign in anonymously to the LDAP server with read-only access. Anonymous access might be possible on your directory server, but it is not recommended. Instead, create a user with read-only privileges on the same container where the users to be searched are located. Specify the directory number and password in Cisco Unified Presence for Cisco Unified Personal Communicator to use".
Sorry but this is a little bit confusing. First, we are not going to use anonymous bind. So what type of account we will need ? An Admin-level account or a user with read-only privilges ? Where we should specify the read-only account ? How to correct configure this field so CUPC can be authenticated to search for the people at the LDAP directory ?
A regular account means no special permission required. Use ADUC (Active Directory Users and Computers) create a user. Enter the firstname, lastname, password. Set password to never expire and cannot be changed by user.
Hope this helps.