07-23-2014 08:00 AM - edited 03-18-2019 03:13 AM
I was wondering if it is possible to automate the initial jabber login process. Meaning, can a user login to windows and have jabber log them in automatically without them ever having to enter their credentials even for that first login?
Thanks
Solved! Go to Solution.
07-26-2014 04:17 PM
The answer for today is no; however, Jabber will be adding SSO via SAML in the future which would allow you to accomplish most of this. They would need to enter their email address on first launch for service discovery to occur; however, if the SAML IDP considered their session to already be active by virtue of doing a domain login - this is up to the IDP to decide - then authentication could occur automatically. I'm not certain that Cisco has publicly committed to which release of Jabber for Windows gets SAML SSO so I'm going to refrain from giving any further specifics.
For the time being, you should start learning about SAML and CUCM in 10.x as that would be the starting point.
07-23-2014 08:40 AM
Are you referring to Jabber Video for TelePresence that works with VCS or simply Jabber that works with CUCM? I'm assuming it's Jabber Video since you're asking in the TelePresence forums, but wanted to make sure.
There currently is no way that I know of to make the login happen automatically, the user would need to enter there username and password at least once for it to be saved. You could put in the username into the HKCU\Software\Cisco\JabberVideo\<user> key in the registry, but that doesn't do anything for the password.
There is even a MSI switch "UseWindowsUsername" that you can use when installing Jabber Video, but that is a legacy setting that might be soon to disappear, and is not recommended according to the admin guide. This doesn't do anything for the password, nor MAC OS X users.
07-23-2014 09:00 AM
Hi MkBarry89,
Hmm, interesting. Are you suggesting that the Jabber credentials are the same as their windows credentials? Jabber support NTLM and in the olden days you could pre-configure the Jabber deployment package to use the Windows user name, however, from the administration guide, this is being depreciated (but should still work for the time being)
Truthfully, I don't know if this can be done although you may be able to manipulate the MSI file to add variable for "domain\username", but I don't know.
Cheers,
Chris
07-26-2014 04:17 PM
The answer for today is no; however, Jabber will be adding SSO via SAML in the future which would allow you to accomplish most of this. They would need to enter their email address on first launch for service discovery to occur; however, if the SAML IDP considered their session to already be active by virtue of doing a domain login - this is up to the IDP to decide - then authentication could occur automatically. I'm not certain that Cisco has publicly committed to which release of Jabber for Windows gets SAML SSO so I'm going to refrain from giving any further specifics.
For the time being, you should start learning about SAML and CUCM in 10.x as that would be the starting point.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide