LDAP and LDAP configuration
VQ Conference Manager uses LDAP and supports Active Directory and Open LDAP.
VQ Conference Manager’s LDAP Discovery process takes place when a Call Bridge is brought online for the first time. VQ Conference Manager scans the Call Bridge for all Tenants; if it finds Tenants, it creates each Tenant within VQ Conference Manager and imports any LDAP Sources for that Tenant and saves them as LDAP Configuration Settings for the Tenant. If there are no Tenants on the Call Bridge, VQ Conference Manager will import any LDAP Sources it finds on the Call Bridge and will create LDAP Configuration Settings for them under the Default Tenant.
Once the LDAP Discovery process is complete (once the first Call Bridge in a cluster has been set Online), all that is then required is that the Administrator runs the LDAP importer per Tenant to provision VQ Conference Manager with the same set of users as being used on the Call Bridge.
(Please see LDAP/Active Directory and LDAP Discovery for more detailed information.)
LDAP/AD Configuration
Check users are being imported and have the right UX Profile, Space Template type, Time Zone and Locale.
The LDAP Configuration page contains a couple of easy to miss settings. Check you have the one you need:
Sync with Call Bridge
Normally, this option is checked and instructs VQCM to share LDAP/AD configuration settings with CMS, allows the VQCM LDAP Importer to run and, as part of that, instruct CMS to Synchronize with LDAP/AD.
Note that if the “Use PMP Licenses” is set, VQCM will set the “PMP license” on each provisioned user by the LDAP Import (the request will be rejected by CMS if insufficient PMP licenses have been purchased from Cisco).
When unchecked, VQCM shares no LDAP/AD configuration settings with CMS and, importantly, never issues a LDAP Synchronize command to CMS.
Uncheck this option if you are not using the CMA client from Cisco, do not require PMP licensing and want to use your CMS cluster as “a big MCU” with none of the valued added features offered by CMA.
Create Endpoint for User
VQCM’s default is to create a CMA compatible Endpoint (device) URI for each user imported from LDAP/AD. This populates CM’s address books and makes it easy to add members to Spaces or scheduled calls. In some cases, you might want to associate endpoints (devices) with users that don’t use the same address convention as used by CMA (the device URI is the same as the user login name): $sAMAccountName$@yourdomain.com
Create Spaces on LDAP import
Normally this option is checked; VQCM will create the Spaces using VQCM’s Space Templates mechanisms and gives complete control of how calls perform without getting anywhere near the CMS APIs.
If this option is unchecked and Space mapping options have been defined (an attribute mapping has been defined for Space name and URI), CMS will create a Space for each user using default settings configured on CMS.
Do you need the LDAP Importer to run on a regular basis?
Please read the Automated LDAP Import document available from the VQ Customer Portal. You can also contact support@vqcomms.com and we’ll guide you thru the process.
Check the Operations team know how to:
- Run the Importer
- Run a destructive Import (to mass delete users)
- Look at the Importer logs to check that imports have run as expected