CTS-MAN integration with LDAP/Exchange

Unanswered Question
Jan 19th, 2010
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

Hi guys

just wanted to confirm if its ok to have the LDAP user account and the tpsuper user ( the CTM user who has full access on all the TP rooms mailboxes) the same user with the following privileges in the domain

member of  Domain Admin Group, Enterprise Admin Group and the MS Exchange Servers ?

or it must be diffrent user accounts ?

i did try it with prequalification tool and all the results was successful but i am not sure if their is any technical requirements behind it or not

Thank you

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
gogasca Wed, 01/20/2010 - 13:13
User Badges:
  • Green, 3000 points or more

as long as it has full access to those rooms is ok, in Exchange by default Domains admin inherit no read access and no sent as for users

but if prequal took is ok you should be good

let us know

you can confirm by logging into the room calendar using ctm account via OWA


Marwan ALshawi Thu, 01/21/2010 - 02:32
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015


thanks for your answer, just to let you know

one user account can work for both LDAP and exchange

the user for LDAP only need to be member of domain users group

for exchange has to have full access or read on all of the TP room accounts

tried it with pre-qual tool worked fine and a colleague who done it in production confirmed it to me

by the way why you need send as ?

Thank you

tihopper Fri, 02/05/2010 - 06:37
User Badges:
  • Cisco Employee,

You don't need send as/receive as rights on the account that CTS-Man uses for authentication to Exchange; as stated, it only needs to be a member of the Domain users group.  We have seen customers add this account to the domain admins group, which does use implicit denies to the mailstore, such as send as/receive as, so it's simply something to be mindful of.  As stated, as long as the account is a member of the Domain Users group, and is granted either read only or full access rights to the room mailboxes, all should work as expected.

Justin Pascal Fri, 02/05/2010 - 09:52
User Badges:

That helped.

CTS-Man unfortunately is a pain as Unity VM system is when dealing with MS products


This Discussion