Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3372
Views
10
Helpful
7
Replies

Access to Cisco Call manager ---- Secure and AAA

sohail_sarwar
Level 1
Level 1

‎11-19-2010 07:40 AM - edited ‎03-16-2019 02:01 AM

Hi Everyone

We would like that any one who accesses the cisco call manager , it should ask for credentials like it is used for Network devices ( Routers /Switches)

so that one keeps track of any changes being made on it

Can we add Cisco Call Manager Server  to Cisco ACS  Server

2 people had this problem
Labels:
0 Helpful
7 Replies 7

Jaime Valencia
Cisco Employee
Cisco Employee

‎11-19-2010 07:51 AM

CUCM already asks you for a user/pwd for admin pages and ccmuser. If you don't have those you can't log in

CUCM does not integrate to any other authentication mechanisms for login.

HTH

java

If this helps, please rate

www.cisco.com/go/pdihelpdesk

HTH

java

if this helps, please rate

William Bell
VIP Alumni
VIP Alumni
In response to Jaime Valencia

‎11-19-2010 08:03 AM

Java is correct (+5 J-man) but I would like to clarify that you can have CUCM authenticate users against an external LDAP repository. You would lose centralized accounting on the ACS server, but it is likely that the ACS is also using LDAP for credential authentication. Which may get you a little closer.

So, Authentication can be done locally on the CUCM or via a backend LDAP repository.  Authorization and Accounting are done on the CUCM. The CUCM provides very granular authorization controls.  The accounting is provided by the auditing features embedded in later versions of CUCM.

http://www.netcraftsmen.net/resources/blogs/audit-logs-on-cucm.html

HTH.

Regards,
Bill

HTH -Bill (b) http://ucguerrilla.com (t) @ucguerrilla

Please remember to rate helpful responses and identify

0 Helpful

muazam ali
Level 1
Level 1
In response to Jaime Valencia

‎03-16-2017 04:08 AM

Hi Jaime,

If CUCM can not use AAA, then is there any option to check which user has changed any changes to configuration. 

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to muazam ali

‎03-16-2017 06:44 AM

Yes, this has been asked plenty of times before

http://docwiki.cisco.com/wiki/CUCM_FAQ#Can_I_review_who_is_making_changes_in_CUCM.3F.3F

HTH

java

if this helps, please rate
0 Helpful

seanvaid
Level 3
Level 3
In response to Jaime Valencia

‎03-16-2017 07:09 AM

Jaime,

You can use ldap authentication for cucm administration now, is that not correct? It doesn't allow all features that are related to system administration, but the day-to-day admin stuff can definitely be allowed for ldap users. 

0 Helpful

Jaime Valencia
Cisco Employee
Cisco Employee
In response to seanvaid

‎03-16-2017 07:12 AM

You have been able to add LDAP users to the CUCM admin group for quite a long time, that only enables access to the system, what a user can do, is based on roles and groups.

HTH

java

if this helps, please rate

jaouad laktami
Level 1
Level 1
In response to Jaime Valencia

‎12-07-2018 05:44 AM

Where can i find good documentation to that for the cucm 11.5.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents