Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VCS Control and VCS Expressway Authenticaion

                   I have a simple setup.

EX90----Internal network---VCS Control 7.2.1--------VCS Expressway 7.2.1.------ Firewall-------Internet---SX20

I have followed the basic configuration guide for VCS Control and Expressway and have everything working over the traversal zone okie dokie.

I have also configured the local Default Subzones on the VCS Control and Expressway so I can have some sort of authentication for the endpoints.  I have a user in each perspective server's local database (ex90user and password on VCS Control and sx20user and password on VCS Expressway.

My question now is can I use the VCS Control Local Database as the central authenticaion database and create both users on the VCS Control server so I don't have to maintain two user databases/


VCS Control and VCS Expressway Authenticaion

I thought there might have been a change with x8.1 but when I just browsed

the admin guide I did not find anything about proxied authentication.

If you want to maintain the local db you would have either to do it manual and separate

as you said. An option could be to use tmspe which replicates the user accounts down

to the local databases.

You also have the possibility to use ad/ntlm on both for JabberVideo or LDAP for generic

h323/sip authentication.

Check out the admin and authentication guides for more info

Please remember to rate helpful responses and identify helpful or correct answers.

Please remember to rate helpful responses and identify

New Member

VCS Control and VCS Expressway Authenticaion


Thanks for the quick reply.  I did try that route and was my first choice.  Unfortunately, I was unable to get it working.  Maybe you can clue me in..

I do have the Maintenance\Login Accounts\LDAP Configuration configured correctly and that Status at the bottom of the page says Available in green (which is different than what the manual says.  It says the state should say Active.  I think it is a mistake in the documentation)

I have also configured the Maintenance\Login Accounts\Administrator Groups according to the documentation and I get no errors.  I have of course created the ou and group in my AD and added a user to test with.

At this point I should be able to login with user that is part of the group in the VCS admin portal.  Unfortunately, it doesn't work.  I have tried username and password, domain/username and password, and username@domain and password. Documentation doesn't say what form to use, but non work anyway.

Most importantly (I think), I don't have the Maintenance\Login Accounts\User Groups that the documentation speaks about.  Do I need another feature key to turn on AD/LDAP authentication?

VCS Control and VCS Expressway Authenticaion


the document is right.!! when the VCS joins to domain it shows active and you will see the message "joined to domain".



New Member

VCS Control and VCS Expressway Authenticaion

All due respect, but I'm speaking of the Maintenance\Login Accounts\LDAP Configuration and not VCS Configuration\Authentication\Devices\Active Directory Service.

Please correct me if I need to see something else here.