Usermanagement Ldap Minimumtlsversion; Usermanagement Ldap Mode; Usermanagement Ldap Server Address; Usermanagement Ldap Server Port - Cisco TelePresence SX10 Quick Set Administrator's Manual

Cisco TelePresence SX10 Quick Set

Introduction

UserManagement LDAP MinimumTLSVersion

Set the lowest version of the TLS (Transport Layer Security) protocol that is allowed.
Requires user role: ADMIN
Default value: TLSv1.2
Value space: TLSv1.0/TLSv1.1/TLSv1.2
TLSv1.0: Support TLS version 1.0 or higher.
TLSv1.1: Support TLS version 1.1 or higher.
TLSv1.2: Support TLS version 1.2 or higher.

UserManagement LDAP Mode

The video system supports the use of an LDAP (Lightweight Directory Access Protocol)
server as a central place to store and validate user names and passwords. Use this setting
to configure whether or not to use LDAP authentication. Our implementation is tested for
the Microsoft Active Directory (AD) service.
If you switch on LDAP Mode, make sure to configure the other UserManagement LDAP
settings to suit your setup. Here is a few examples.
Example 1:
- UserManagement LDAP Mode: On
- UserManagement LDAP Address: "192.0.2.20"
- UserManagement LDAP BaseDN: "DC=company, DC=com"
- UserManagement LDAP Admin Group: "CN=admin group, OU=company groups,
DC=company, DC=com"
Example 2:
- UserManagement LDAP Mode: On
- UserManagement LDAP Address: "192.0.2.20"
- UserManagement LDAP BaseDN: "DC=company, DC=com"
- UserManagement LDAP Admin Filter: "(|(memberof=CN=admin group, OU=company
groups, DC=company, DC=com)(sAMAccountName=username))"
Requires user role: ADMIN
Default value: Off
Value space: Off/On
Off: LDAP authentication is not allowed.
On: LDAP authentication is allowed.
D15330.14 SX10 Administrator Guide CE9.7, APRIL 2019.
Configuration Peripherals Maintenance

UserManagement LDAP Server Address

Set the IP address or hostname of the LDAP server.
Requires user role: ADMIN
Default value: ""
Value space: String (0..255)
A valid IPv4 address, IPv6 address or hostname.

UserManagement LDAP Server Port

Set the port to connect to the LDAP server on. If set to 0, use the default for the selected
protocol (see the UserManagement LDAP Encryption setting).
Requires user role: ADMIN
Default value: 0
Value space: Integer (0..65535)
The LDAP server port number.

UserManagement LDAP VerifyServerCertificate

When the video system connects to an LDAP server, the server will identify itself to the
video system by presenting its certificate. Use this setting to determine whether or not the
video system will verify the server certificate.
Requires user role: ADMIN
Default value: On
Value space: Off/On
Off: The video system will not verify the LDAP server's certificate.
On: The video system must verify that the LDAP server's certificate is signed by a
trusted Certificate Authority (CA). The CA must be on the list of trusted CAs that are
uploaded to the system in advance. Use the video system's web interface to manage the
list of trusted CAs (see more details in the administrator guide).
www.cisco.com — Copyright © 2019 Cisco Systems, Inc. All rights reserved.
153
Administrator Guide
System settings System settings Appendices