5.5, Active Directory, VMware

Integrate VMware vCenter Single Sign-On (SSO) with Active Directory

Single Sign-On (SSO) is a part of vCenter Installation and important step in Authentication and Authorization
once you install vCenter you would have a “vSphere.local” Domain in your server, it would be better if you could integrate your existing Microsoft Active Directory (AD) environment with your organizational structure of groups and users.

So before we start with the configuration i will login with my Domain User and check that i can see anything (vCenter, Datacenter or Hosts)
10
And as you can see under my vCenter there is nothing of my Datacenter or Hosts
12.PNG
So to start as my luck i added my server to a domain already in my Earlier Blog
so to complete the steps here and add give permission to users
Go to Administrator – Single Sign-on – users and groups
1
so to give a permission for my self
From drop down i can change the “vsphere.local” to “mynaghi.com”
2
i put in the search my name so it will not list the whole organization
3
and if you go under Adminstration – Single Sign-on – Configuration – identity Sources

you see from were you get your configuration
for my case i already added my server to the domain4
so to configure the user and give him access so in Home Page
vCenter – vCenter Servers – Then Select the VC-CCIEROOT.Mynaghi.com
then click on “Manage Tab” – Permission – +
5
Select the Assigned role as Administrator
6
I change the Domain to “Mynaghi” and in the Search bar i put my name and Click Add 7
Now I press OK8
As you can see now it show under the permissions9
Now let me login using my Domain Username & Password again
10
and as you can see i can see under the vCenter my vCenter Servers, My Data Center and My Hosts11

;D

 

 

Standard
Active Directory, CUCM

CUCM integration with Active Directory

When you first finish installing the CUCM the Call Manager use it’s own LDAP Directory of End Users which is nice to use, but in case you work in a company with more than 1000 people it’s insane to add them all. so the preferred way is to integrate CUCM with a corporate LDAP weather it was Linux, OS or Windows. in our case i will show you how to integrate CUCM with Windows Active Directory

from Windows Side all what you need is a user with Administrator Right so you will be able to access the Active Directory

now back to CUCM

first activate the service that help you to Sync Between LDAP and CUCM

1

 

Then Go to Cisco Unified CM Administration > System > LDAP > LDAP System to identify what type of LDAP

2

 

 

 

 

 

 

 

Check the Box to Enable Sync from the LDAP Server

3

 

 

 

 

 

 

Now Go Click on System > LDAP > LDAP Directory and click Add New

in this example the Active Directory is my Domain CCIEROOT.COM
the admin user is : aysar.mohamed@ccieroot.com and i put the password for the authenticate with the LDAP
my LDAP Search Base is where i save the user it could be simple as under users. in my case i sync all the user in my domain

and my LDAP ip address is 192.168.200.1

Untitled

 

 

 

 

 

 

5

 

 

 

 

 

 

6

 

 

 

 

 

Click on System > LDAP > LDAP Authentication. This will authenticate CUCM End Users using Active Directory instead of the embedded CUCM directory.

7

 

 

 

 

 

 

8

 

 

 

 

 

at this point your CUCM is ready to Sync so go back to System > LDAP > LDAP Directory and Perform Full Sync10

 

 

 

After performing the synchronization the users which were created in Active Directory are now appearing in the CUCM End User

12

 

 
Open one of the users

13

 

 

 

 
That is it

Note. for the users that been created on the CUCM before the Sync they will be Disabled. to Solve this issue you need to create users for them in the LDAP Directory and Sync again and they will be hilighted.

Standard