Microsoft Active Directory Integration Integrations with Other Systems
Polycom, Inc. 167
Domain\user name LDAP service account user ID for system access to the
Active Directory. Must be set up in the Active Directory,
but should not have Windows login privileges.
Note: If you use Active Directory attributes that aren’t
replicated across the enterprise via the Global Catalog
server mechanism, the system must query each domain
for the data. Make sure that this service account can
connect to all the LDAP servers in each domain.
The Polycom DMA system initially assigns the
Administrator user role to this user (see “User Roles
Overview” on page312), so you can use this account to
give administrative access to other enterprise user
accounts.
Caution: Leaving a user role assigned to this account
represents a serious security risk. For best security,
remove the Administrator user role so that it can’t be
used for logging into the Polycom DMA system
management interface.
Password Login password for service account user ID.
User LDAP filter Specifies which user accounts to include (an underlying,
non-editable filter excludes all non-user objects in the
directory). The default expression includes all users that
don’t have a status of disabled in the directory.
Don’t edit this expression unless you understand LDAP
filter syntax. See RFC 2254 for syntax information.
Base DN Can be used to restrict the Polycom DMA system to
work with a subset of the Active Directory (such as one
tree of multiple trees, a subtree, or a domain). Leave the
default setting, All Domains, initially. See
“Understanding Base DN” on page 173.
Time of day to refresh
cache Time at which the Polycom DMA system should log into
the directory server(s) and update its cache of user and
group data.
Territory Specifies the territory whose Polycom DMA system
cluster is responsible for updating the user and group
data cache.
In a superclustered system, this information is shared
across the supercluster. The other clusters access the
directory only to authenticate passwords. See
“Territories” on page302 for more information.
Table 7-1 Fields on the Microsoft Active Directory page (continued)
Field Description