CUPS 6 LDAP profile configuration Parameter

fabio.muller
Level 1

Hi folks, we're installing a CUPS integrated with user LDAP (MS-AD) to be used by CUPC 7. In the config and maintenance guide, at the LDAP profile configuration section, in the Bind Distinguished Name (DN) field, it says: "[Optional] Specifies the administrator-level account information limited to 128 characters, and in the form useraccount@domain.com. This is the distinguished name with which you bind for authenticated bind".

And just after, at the Anonymous Bind check box: "Note: If you check Anonymous Bind, users can sign in anonymously to the LDAP server with read-only access. Anonymous access might be possible on your directory server, but it is not recommended. Instead, create a user with read-only privileges on the same container where the users to be searched are located. Specify the directory number and password in Cisco Unified Presence for Cisco Unified Personal Communicator to use".

Sorry, but this is a little bit confusing. First, we are not going to use anonymous bind. So what type of account will we need? An admin-level account or a user with read-only privileges? Where should we specify the read-only account? How do we correctly configure this field so CUPC can be authenticated to search for people in the LDAP directory?

Tks...


htluo
Level 9

1) Do not use "anonymous bind". Anonymous bind is disabled on most LDAP servers by default.

2) Create a regular user.

3) If it's Active Directory, use the command below to find out the fully qualified DN (run the command on a domain controller):

dsquery user -samid cupcldap

Where 'cupcldap' is the account you created in step 2.

Michael

http://htluo.blogspot.com

Many thanks Michael, but regarding the regular user, what type of account do you generally create? A read-only one with admin rights?

PS: Congrats on your book and the blog. We became aware of your book only this week and we'll be buying a copy. But it will probably arrive only by the end of June, and we could not wait until then to finish this implementation. If we had known about it earlier we wouldn't have these doubts now. Everybody here agreed that it is a must for any professional working with Unified Communications.

A regular account means no special permission is required. Use ADUC (Active Directory Users and Computers) to create a user. Enter the first name, last name and password. Set the password to never expire and so that it cannot be changed by the user.

That's it.

Hope this helps.

Michael

A lot Michael. Tks.
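
The steps from this thread as one PowerShell script, followed by a check that the new account can do an authenticated bind and read an entry under the search container. This is an added example, not code from the thread or from Cisco; the domain, OU paths, domain controller name and probe user are placeholders, and it assumes the RSAT ActiveDirectory module and that the domain controller accepts LDAPS on port 636.

```powershell
# Added example, not from the thread. Requires the RSAT ActiveDirectory module.
# 'cupcldap' is the thread's account name; every other name is a placeholder.
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices.Protocols

$sam        = 'cupcldap'
$domain     = 'example.com'                            # placeholder
$accountOu  = 'OU=Service Accounts,DC=example,DC=com'  # placeholder: where the account lives
$searchBase = 'OU=Staff,DC=example,DC=com'             # placeholder: container CUPC searches
$probeUser  = 'jdoe'                                   # placeholder: any user under $searchBase
$dc         = 'dc01.example.com'                       # placeholder
$pw         = Read-Host -AsSecureString "Password for $sam"

# Step 2: a regular user, with the two password options from the accepted answer.
New-ADUser -Server $dc -Name $sam -SamAccountName $sam -UserPrincipalName "$sam@$domain" `
    -Path $accountOu -AccountPassword $pw -Enabled $true `
    -PasswordNeverExpires $true -CannotChangePassword $true

# Step 3: the DN (what dsquery prints) and the useraccount@domain.com form the guide asks for.
$user = Get-ADUser -Server $dc -Identity $sam -Properties MemberOf
"DN : $($user.DistinguishedName)"
"UPN: $($user.UserPrincipalName)"
# "Regular" means no extra groups; Domain Users is the primary group and is not in memberOf.
if ($user.MemberOf.Count -gt 0) { Write-Warning "Extra groups: $($user.MemberOf -join '; ')" }

# Check: authenticated simple bind as the new account, then one read under the search base.
# Assumption: the DC accepts LDAPS on 636, so the password is not sent in clear text.
$id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($dc, 636)
$cred = [System.Net.NetworkCredential]::new($user.UserPrincipalName, $pw)
$conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id, $cred,
            [System.DirectoryServices.Protocols.AuthType]::Basic)
$conn.SessionOptions.ProtocolVersion   = 3
$conn.SessionOptions.SecureSocketLayer = $true
try {
    $conn.Bind()   # throws LdapException on bad credentials
    $req = [System.DirectoryServices.Protocols.SearchRequest]::new($searchBase,
               "(sAMAccountName=$probeUser)",
               [System.DirectoryServices.Protocols.SearchScope]::Subtree,
               [string[]]@('displayName', 'mail'))
    $res = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)
    "Bind OK, entries readable: $($res.Entries.Count)"
} finally {
    $conn.Dispose()
}
```

Because the password never expires, generate a long random one and store it only in the CUPS LDAP profile.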
