[an error occurred while processing this directive]

Cisco Unified Communications Manager (CallManager)

Installing and Configuring the Cisco Customer Directory Configuration Plugin

 Feedback

Table Of Contents

Installing and Configuring the Cisco Customer Directory Configuration Plugin

Contents

Before You Begin

Installing the Cisco Customer Directory Configuration Plugin

Configuring the Netscape Directory Server

Configuring the Microsoft Active Directory Server

Adding and Deleting Users from Cisco CallManager Administration

Integrating Cisco WebAttendant with the Corporate Directory Service

Obtaining Documentation

World Wide Web

Documentation CD-ROM

Ordering Documentation

Documentation Feedback

Obtaining Technical Assistance

Cisco.com

Technical Assistance Center

Cisco TAC Web Site

Cisco TAC Escalation Center


Installing and Configuring the Cisco Customer Directory Configuration Plugin


Cisco CallManager uses an Lightweight Directory Access Protocol (LDAP) directory to store authentication and authorization information about users of Cisco CallManager applications, which interface with the Cisco CallManager. Authentication establishes the user right to access the system, while authorization identifies the telephony resources that a user is permitted to use, such as a specific telephone extension.

When you install the directory plugin, a prompt asks you to integrate the directory with one of the following enterprise LDAP directories:

Microsoft Active Directory (AD)

Netscape Directory Server

After the LDAP directory configuration completes, you can use the Corporate Directory service on your Cisco IP Phone Model 7940 or 7960 to look up users in the corporate directory. You can also upload completed workflow application files to the directory. The application server downloads the files to run workflow applications when you use the administration client to start a specific application.


Note You can integrate the Corporate Directory service on the Cisco IP phone with a corporate directory without integrating the Cisco CallManager. For more information on integrating only the Corporate Directory service with the Cisco IP phone, refer to the latest version of the LDAP Search Com Server Programming Guide at the following URL: http://www.cisco.com/warp/public/570/avvid/voice_ip/cm_xml/downloads/LDAPSearch_Programming_Guide.doc


Contents

Before You Begin

Installing the Cisco Customer Directory Configuration Plugin

Configuring the Netscape Directory Server

Configuring the Microsoft Active Directory Server

Obtaining Documentation

Integrating Cisco WebAttendant with the Corporate Directory Service

Obtaining Documentation

Obtaining Technical Assistance

Before You Begin

You use the Cisco Customer Directory Configuration Plugin only if you do not want to use the embedded DCD directory. This plugin, which includes Netscape Directory Server and Microsoft Active Directory Server, installs only on servers running Cisco CallManager 3.0(10) or later. Starting with the publisher, you install the plugin on all Cisco CallManager servers in the cluster. Cisco recommends that you have either one Netscape Directory server or one Microsoft Active Directory server per Cisco CallManager cluster.

Contact your Netscape Directory Server or Microsoft Active Directory Server administrator for installation and configuration assistance.


Caution Microsoft Active Directory Server does not support schema deletion. After you have installed the Cisco schema extensions, you cannot revert to the previous schema. Cisco recommends that you back up your Microsoft Active Directory Server, especially the schema master, before you install/configure the Cisco Customer Directory Configuration Plugin and install the Cisco schema extensions on your Microsoft Active Directory Server. For more information on backing up your Microsoft Active Directory Server, contact your Microsoft Active Directory Server administrator.

Installing the Cisco Customer Directory Configuration Plugin


Step 1 Starting with the publisher, choose Start > Programs > Cisco CallManager > Cisco CallManager Administration and log in with administrator privileges.

Step 2 Choose Application > Install Plugin.

Step 3 Click the plugin icon for Cisco Customer Directory Configuration.

Step 4 A prompt may ask you to verify whether the host server acts as the publisher or subscriber. If the host server acts as a subscriber, a prompt asks you for authentication to the publisher. Enter the Windows 2000 user name and password with local administrative rights.


Note Cisco requires authentication to the publisher so that certain fields automatically populate during the configuration process.


Step 5 In the Components window, you may see one or more of the following options. From the window, check one of the following options:

If you check Configure Netscape Directory Server (or Upgrade Netscape Directory Configuration), go to the "Configuring the Netscape Directory Server" section.

If you check Configure Active Directory Server (or Upgrade Microsoft Active Directory Configuration), go to the "Configuring the Microsoft Active Directory Server" section.


Note If you check Uninstall Active Directory Configuration (or Uninstall Netscape Directory Configuration), which is available after an initial installation, Cisco CallManager automatically integrates with DC Directory.



Configuring the Netscape Directory Server

Perform the following steps to configure the Netscape Directory Server:


Step 1 You may receive a prompt with one of the two following configuration options:

a. Check Express if you want the plugin to configure Netscape Directory and enable Cisco CallManager integration with Netscape Directory. On the publisher, the plugin configures the Netscape Directory and integrates Cisco CallManager with the Netscape Directory. On the subscriber, the plugin only integrates Cisco CallManager with the Netscape Directory.


Note Cisco recommends that you check the Express option. Cisco makes the Custom option available for administrators experienced with Netscape Directory Server.


b. Check Custom for two nonexclusive custom installation options:

Configure Netscape Directory

Enable CallManager Integration with Netscape Directory

If you do not receive the prompt, go to Step 2.

Step 2 The Customer Information window prompts you for the following information, as seen in Table 1. Most fields in this window display prepopulated information. Verify that this information is correct before continuing the configuration process.


Note On the subscriber, the prepopulated information comes from the publisher.


Table 1 Customer Information Window 

Field
Recommended Action

Host Name

Enter the hostname (or IP address) where you installed Netscape Directory.

Port Number

Enter the port number on which Netscape Directory listens for the LDAP requests.

Directory Administrator DN

Enter the Netscape Directory Administrator Distinguished Name.

Directory Administrator Password

Enter the Netscape Directory password.

Confirm Password

Enter the Netscape Directory password again.

Cisco Directory Configuration DN

Enter the Cisco Directory Configuration Distinguished Name. This specifies the DN where the Cisco-dependent schema is created for the Cisco CallManager.

User Search Base

Enter the User search base. The search base stores the Netscape Directory user information.

User Name Attribute

Enter the Relative Distinguished Name (RDN) for user entries. Examples include cn, uid, etc.

User Search Attribute

Enter an attribute that you can use to search for a user in the corporate directory. Make sure that the value for this attribute is unique for each user in the directory. Examples include mail or uid.


Note The user enters the value for this attribute in the User Identification field when logging in to the Cisco IP Phone User Option pages.



Step 3 After you enter the information into the fields, click the Next button. The system begins to verify whether you entered the configuration information correctly.

Step 4 If you entered the information correctly, a confirmation window summarizes the configuration information. Click the Next button.

Step 5 Depending on the version of the plugin, you may see a prompt that asks if you would like to use the existing schema. Choose Yes to use the existing Cisco schema extensions on the disk in the C:\dcdsrvr\run\dcx500\config\Netscape folder. Choose No to overwrite the existing Cisco schema files present on the disk with the latest Cisco schema extensions available through the plugin.

You will not see this prompt if you are using Cisco Customer Directory Configuration Plugin v 1.19 or a later version of the plugin. If you do not see the prompt, go to Step 6 and continue the configuration process.


Note Cisco recommends that you choose No, so the latest Cisco schema extensions install on your directory server.


Step 6 A prompt asks you to copy the schema files to your Netscape Directory server. Copy the files slapd.user_at.conf and slapd.user_oc.conf into a destination folder that you create on your Netscape Directory Server.

Step 7 Restart your Netscape Directory Server and then click OK.

Step 8 Click the FINISH button and reboot your system immediately.


Configuring the Microsoft Active Directory Server


Note Cisco does not require that the Cisco CallManager be a part of the Microsoft Active Directory domain.


Perform the following procedure to configure the Microsoft Active Directory Server:


Step 1 If you checked Configure Active Directory Server (or Upgrade Active Directory Configuration), a prompt may ask you to check either Express or Custom, which are setup options.

a. If you check Express, the plugin updates the schema, configures Microsoft Active Directory, and enables Cisco CallManager integration with Microsoft Active Directory. Click the Next button and go to Step 2.


Note Cisco recommends that you check the Express option. Cisco makes the Custom option available for administrators experienced with Microsoft Active Directory Server.


b. If you check Custom, go to Step 4.

Step 2 A prompt then asks you for the Microsoft Active Directory server host name and port number. Cisco CallManager prepopulates the fields if the values exist in the registry.

a. In the Host Name field, enter the Hostname (or IP address) where you installed Microsoft Active Directory.

b. In the Port Number field, enter the port number where Microsoft Active Directory listens for the LDAP requests.

Step 3 The plugin obtains the domain name in the Microsoft Active Directory server. In the Active Directory Configuration window, you may see the following information from Table 2 prepopulated in the fields. Verify the information before continuing the configuration process.

Table 2 Active Directory Configuration Window 

Field
Recommended Action

Directory Administrator DN

Enter the Microsoft Active Directory Administrator Distinguished Name.

Directory Administrator Password

Enter the Microsoft Active Directory password.

Confirm Password

Enter the password again.

Cisco Directory Configuration DN

Enter the Cisco Directory Configuration Distinguished Name. This specifies the DN where the Cisco-dependent schema is created for the Cisco CallManager.

User Search Base

Enter the User search base. The search base stores the Microsoft Active Directory user information.

User Search Attribute

Enter an attribute that you can use to find a user in the corporate directory. Make sure that the value for this attribute is unique for each user in the directory. An example includes sAMAccountName.


Note The user enters the value for this attribute in the User Identification field when logging in to the Cisco IP Phone User Option pages.


Domain Name

Enter the Microsoft Active Directory domain name.


On the publisher, the plugin installs the schema, configures the Microsoft Active Directory, and integrates Cisco CallManager with the Microsoft Active Directory. On the subscriber, the plugin only integrates Cisco CallManager with this Microsoft Active Directory. To continue the Express configuration, go to Step 10.

Step 4 If you checked Custom, three nonexclusive custom installation options appear in the window. You may check as many of the check boxes as you want. If you want all of the options, click the Select All button. After you finish making your choices, click the Next button.


Caution Microsoft Active Directory Server does not support schema deletion. After you have installed the Cisco schema extensions, you cannot revert to the old schema. Cisco recommends that you back up your Microsoft Active Directory Server, especially the schema master, before you install/configure the Cisco Customer Directory Configuration Plugin and install the Cisco schema extensions on your Microsoft Active Directory Server. For more information on backing up your Microsoft Active Directory Server, contact your Microsoft Active Directory Server administrator.

If you do not want to choose all of the options, see the following choices:

For Install Schema on Schema Master, go to Step 5.

For Enable CallManager Integration with Active Directory, go to Step 7.

For Configure Active Directory, go to Step 8.

After you finish making your choices, click the Next button.

Step 5 If you checked Install Schema on Schema Master, a window opens. Enter the schema master host name and port number, if it is not already prepopulated. If you check the check box, click Next and continue the configuration process. Checking this check box ensures that the information in Step 7 and Step 8 prepopulates.

Step 6 The plugin retrieves the domain name from the schema master and prepopulates the following information, as listed inTable 3. Verify the information before continuing the configuration process.

Table 3 Active Directory Configuration Window 

Field
Recommended Action

Directory Administrator DN

Enter the Microsoft Active Directory Administrator Distinguished Name.

Directory Administrator Password

Enter the Microsoft Active Directory password.

Confirm Password

Enter the password again.

Domain Name

Enter the Microsoft Active Directory domain name.


The plugin installs the schema on the schema master, according to the information that you previously entered or verified.

Step 7 If you checked Configure Active Directory or Enable CallManager Integration with Active Directory, enter the Microsoft Active Directory server host name and port number. Click the Next button.

Step 8 The plugin retrieves the domain name from the Microsoft Active Directory server and may prepopulate the following information, as shown in Table 4. Verify the information before continuing the configuration process.

Table 4 Active Directory Configuration Window 

Field
Recommended Action

Directory Administrator DN

Enter the Microsoft Active Directory Administrator Distinguished Name.

Directory Administrator Password

Enter the Microsoft Active Directory Password.

Confirm Password

Enter the password again.

Cisco Directory Configuration DN

Enter the Cisco Directory Configuration Distinguished Name. This specifies the DN where the Cisco-dependent schema is created for the Cisco CallManager.

User Search Base

Enter the User search base. The search base stores the Microsoft Active Directory user information.

User Search Attribute

Enter an attribute that you can use to find a user in the corporate directory. Make sure that the value for this attribute is unique for each user in the directory. An example includes sAMAccountName.


Note The user enters the value for this attribute in the User Identification field when logging in to the Cisco IP Phone User Option pages.


Domain Name

Enter the Microsoft Active Directory domain name.


The plugin configures the Microsoft Active Directory according to the information that you previously entered or verified.

Step 9 After completing the configuration information, click the Next button. The verification process begins to check whether the previous information exists in the directory. If the information exists, a confirmation window appears and summarizes the information. Click the Next button.

Step 10 The plugin attempts to read the schema update permission registry key on the destination Microsoft Active Directory server where the schema is installed.


Note If the Microsoft Active Directory server is not set to 1 or if the plugin fails to read the registry key, a dialog box asks you to ensure that the registry entry has been set properly. Make sure that the registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\Schema Update Allowed is set on the Microsoft Active Directory Server to 1. This allows write access to the schema on that server.


Step 11 If you checked Express Install in Step 1 or Install Schema on Schema Master in Step 5, a dialog box asks your permission to use the existing schema. Choose Yes to use the existing Cisco schema extensions on the disk in the C:\dcdsrvr\run\dcx500\config\AD folder. Choose No to overwrite the existing Cisco schema files present on the disk with the latest Cisco schema extensions available through the plugin.


Note Cisco recommends that you choose No, so the latest Cisco schema extensions install on your directory server.


Step 12 If a dialog box prompts you to complete the configuration process, click the Finish button and reboot the system immediately. You may not receive this dialog box if you are running a version of the plugin released after Cisco CallManager 3.0(10).


Adding and Deleting Users from Cisco CallManager Administration


Note You can always modify the Cisco specific attributes; however, by default, you cannot add or delete user entries from your corporate directory by using Cisco CallManager Administration.


This functionality, provided for your convenience, does not replace your existing user/directory management tools. Be aware that this functionality is limited; Cisco expects that you will typically add or delete users using other available tools.


Note You cannot set up or update user passwords from Cisco CallManager Administration when it is integrated with Microsoft Active Directory Server.


Before you add or delete users through Cisco CallManager Administration, perform the following procedure:


Step 1 Choose Start > Run.

Step 2 Enter regedit into the Open field and then click OK.

Step 3 Browse to \\HKEY_LOCAL_MACHINE\Software\Cisco Systems, Inc.\Directory Configuration within the registry.

Step 4 In the right pane, double-click the DirAccess registry key.

Step 5 Delete the false registry entry and enter true as the new registry entry.

Step 6 Restart the IIS Admin Service and its dependent services by choosing Start > Programs > Administrative Tools> Services.

Step 7 Right-click IIS Admin Service and then choose Restart.

Step 8 A dialog box prompts you to restart dependent services. These services may differ depending on your configuration. Click Yes.

Step 9 Restart the dependent services.

You may now add, update, or delete users within Cisco CallManager Administration. Refer to the latest version of the Cisco CallManager Administration Guide for information on how to perform these tasks.


Caution When entering the user password in Cisco CallManager Administration, be aware that you may use alphanumeric characters only.


Integrating Cisco WebAttendant with the Corporate Directory Service

Cisco WebAttendant uses a special user, cn=CTI Framework and mail=ctifw (Netscape) or SAMAccountName=ctifw (AD), that is not visible from Cisco CallManager Administration to authenticate with the Cisco CallManager. If you specify a User Search Attribute other than the default when configuring the plugin, make sure that you set the value for the attribute for the ctifw user to ctifw. If you specify uid as your User Search Attribute, edit the ctifw user entry in your directory by setting it to uid=ctifw. In addition, when you integrate the Cisco CallManager with Microsoft Active Directory Server, you must perform the following procedure to enable the Cisco WebAttendant:


Step 1 Set the password for the user in the corporate directory using your standard user management tools.

Step 2 On a Cisco CallManager server, choose Start > Run and enter cmd to open a command prompt. Click OK.

Step 3 Enter the command, PasswordUtils <password>; for example,

PasswordUtils ciscocisco

Step 4 The previous action generates an encrypted password. Copy the password into the Windows clipboard.

Step 5 Choose Start > Run.

Step 6 Enter regedit into the Open field and then click OK.

Step 7 Browse to \\HKEY_LOCAL_MACHINE\Software\Cisco Systems, Inc.\Directory Configuration within the registry.

Step 8 Delete the value CTIFWPW and paste the encrypted password from Step 3 into the field.

Step 9 Restart the Cisco Telephony Call Dispatcher service by choosing Start > Programs > Administrative Tools > Services. Highlight the service in the list; right click on the service and then click Restart from the drop-down list.

Step 10 Repeat Step 2 through Step 9 for each Cisco CallManager server in the cluster.


Obtaining Documentation

The following sections explain how to obtain documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following URL:

http://www.cisco.com

Translated documentation is available at the following URL:

http://www.cisco.com/public/countries_languages.shtml

Documentation CD-ROM

Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:

http://www.cisco.com/cgi-bin/order/order_root.pl

Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:

http://www.cisco.com/go/subscription

Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).

Documentation Feedback

If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Feedback at the top of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Cisco Systems, Inc.
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance

Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.

Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to

Streamline business processes and improve productivity

Resolve technical issues with online support

Download and test software packages

Order Cisco learning materials and merchandise

Register for online skill assessment, training, and certification programs

You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:

http://www.cisco.com

Technical Assistance Center

The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.

Inquiries to Cisco TAC are categorized according to the urgency of the issue:

Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.

Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.

Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.

Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.

Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.

Cisco TAC Web Site

The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:

http://www.cisco.com/tac

All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:

http://www.cisco.com/register/

If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:

http://www.cisco.com/tac/caseopen

If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.

Cisco TAC Escalation Center

The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.

To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:

http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.


[an error occurred while processing this directive]