Thursday, 10 December 2015
Cisco: Active Directory Integration for Application Users in Cisco Unified Communications Manager (CUCM)
By default, on a non-integrated Cisco Unified Communications Manager (CUCM), there are two types of users: end users and application users:
1. End users — All users associated with a physical person and an interactive login. This category includes all IP Telephony users, as well as Unified CM administrators when you use the User Groups and Roles configuration (equivalent to the Cisco Multilevel Administration feature in prior Unified CM versions).
2. Application users — All users associated with other Cisco IP Communications features or applications, such as Cisco Attendant Console, Cisco IP Contact Center Express, or Cisco Unified Communications Manager Assistant. These applications need to authenticate with Unified CM, but these internal users do not have an interactive login. This serves purely for internal communications between applications, for example, CCMAdministrator, AC, JTAPI, RM, CCMQRTSecureSysUser, CCMQRTSysUser, CCMSysUser, IPMASecureSysUser, IPMASysUser, WDSecureSysUser, and WDSysUser.
When you integrate Cisco Unified Communications Manager with the Active Directory, the Directory Integration process uses an internal tool called Cisco Directory Synchronization (DirSync) on the Unified CM to synchronize a number of user attributes (either manually or periodically) from a corporate LDAP directory. When this feature is enabled, end users are automatically provisioned from the corporate directory.
* Note: Application users are kept separate and are still provisioned through the Unified CM Administration interface. In other words, application users cannot be synchronized from AD.
In summary, end users are defined in the corporate directory and synchronized into the Unified CM database, while application users are stored only in the Unified CM database and do not need to be defined in the corporate directory.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment