Managing User Accounts

CUCM User Accounts

Several features require accounts for authentication purposes. These features include Admin Web page, user web page and the Following Applications:

  • Cisco Unified Attendant Console
  • Cisco Unified Extension Mobility
  • Cisco Unified Manager Assistant

CUCM sends Authentication to an Internal Library called Internal Management System (IMS) Library.

Account Types

  • End Users: Associated to individuals , they can have admin roles
  • Application Users: Associated with applications such as Attendant Console, UCCX, Cisco Unified Manager Assistant


End Users Application Users
Associated with a  Individual Associated with Application
Provide interactive login Provide noninteractive login
User feature and system administration authorisation Application Authorisation
Included in phone Directory Not included in phone directory
Can be provisionesd and authenticated using a LDAPc3 Directory Server Cannot use LDAPv3

User Privelages
CUCM allows assignment of user  privelages to applications and end users

Privelages that can be assigned to users:

  • Access to Administration and web user pages
  • Access to Specific admin functions
  • Access to Application interface such as CTI and SOAP

User Management
Options include the following:

  • CUCM Administration
  • BAT, allows large insertions, updates and deletions of users when LDAPv3 synchronisation is not leveraged.
  • LDAPv3 integration allows users to be syncronised from the central database to CUCM.
  No LDAPv3 Integration LDAPv3 Sync LDAPv3 Auth
UserID, First Name, Middle name, last name, manager userID, dept,mailID Local DB LDAPv3 (replicated to local DB) LDAPv3 (replicated to local DB)
Password Local DB Local DB LDAPv3
PIN, Digest Credentials, Groups, Roles, AssociatedPCs, Controlled devices, ext mobility, CAPF Presence Group, Mobility Local DB Local DB Local DB

Managing User Accounts

  • Done via User Management Menu

Page 123

Light Weight Directory Access Protocol

LDAPv3 typically stores data that does not change often, such as employee information, user priveliges on the corporate network.

LDAPv3 Integration

CUCM Supports the following Directories

  • MS AD 2000 and 2003
  • Netscape Directory Server 4.x
  • iPlanet Directory Server 5.1
  • Sune ONE Directory Server 5.2

CUCM Supports the following types of LDAPv3 Integration, which can be enabled independently of eachother

  • LDAPv3 synchronisation, Personal and Organisational Data is managed in an LDAPv3 directory and replicated to the Cisco Unified CM IDS Database
  • LDAPv3 Authentication: Allows authentication against a LDAPv3 directory. Passwords are managed in the central LDAPv3 server when the LDAPv3 authentication is turned on

READ UP ON PAGES 127 onwards




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s