Monday, February 11, 2013

Jabber Deployment Considerations: Authentication

One of the big hurdles to CUP/Jabber deployment in the past was the requirement for Active Directory or LDAP integration for authentication.  For deployments with significant amounts of CUCM local users, this added additional complexity from a deployment perspective, requiring conversion to LDAP or AD based user accounts.  To remedy this, the User Data Service (UDS) was added to CUCM versions 8.6.2 and above which allows Jabber clients to not only authenticate against the CUCM local user database, but also search directory information in CUCM.  Now, organizations can deploy CUP and Jabber clients more rapidly without re-architecting their authentication mechanisms in their UC environment.

To implement UDS:

http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_0_1/b_jabber_win_icg_chapter_01.html#JABW_RF_CE1A16F9_00

Enable Integration with UDS

To enable integration with UDS, you perform the following steps:
  1. Create your directory source in Cisco Unified Communications Manager.
  2. Synchronize the contact data to Cisco Unified Communications Manager.
  3. Specify UDS as the value of the DirectoryServerType parameter in your Cisco Jabber for Windows configuration file.
  4. Upload the modified jabber-config.xml file to the TFTP server and restart the TFTP service.
For testing purposes, simply modify the file on one client to make sure it works before uploading the custom jabber-config.xml file to TFTP for all to use.

 Cisco Jabber for Windows caches configuration files in the following locations:
Microsoft Windows 7
%USERPROFILE%\AppData\Roaming\Cisco\Unified Communications\Jabber\CSF\Config
Microsoft Windows XP
%SYSTEMROOT%\Documents and Settings\user_name\Application Data\Cisco\Unified Communications\Jabber\CSF\Config


 For assistance with the contents of the jabber-config.xml file, consult the Jabber for Windows Admin Guide.  Essentially, you are just adding:
<Directory>
  <DirectoryServerType>UDS</DirectoryServerType>
 </Directory>
Your environment may require additional attributes for photo retrieval, but in general, this will make Jabber clients authenticate to CUCM using CUCM user accounts.


There is also a great tool on the Cisco Support forums that helps generate the file.














Posted by





at
7:00 AM
























Labels:
,
,
,

















1 comment:








  1. jane hollyNovember 27, 2020 at 5:54 PM
    This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:

    -Phone hacks (remotely)
    -Credit repair
    -Bitcoin recovery (any cryptocurrency)
    -Make money from home (USA only)
    -Social media hacks
    -Website hacks
    -Erase criminal records (USA & Canada only)
    -Grade change
    -funds recovery

    Email: onlineghosthacker247@ gmail .com 
    ReplyDelete




























        

      









Subscribe to:
Post Comments (Atom)