Integrations with Other Systems

Field

Description

 

 

IP address or host name

If this option is selected, the system attempts to connect to the Microsoft

 

Active Directory domain controller specified.

 

For a single-domain forest, enter the host name or IP address of a domain

 

controller.

 

For a multi-domain forest, we don’t recommend using this option. If you must,

 

enter the host name or IP address of a specific global catalog server, not the

 

DNS domain name.

 

The Polycom RealPresence DMA system can only integrate with one forest. A

 

special “Exchange forest” (in which all users are disabled) won’t work

 

because the system doesn’t support conferencing for disabled users.

 

 

Domain\user name

LDAP service account user ID for system access to the Active Directory. Must

 

be set up in the Active Directory, but should not have Windows login

 

privileges.

 

Note: If you use Active Directory attributes that aren’t replicated across the

 

enterprise via the Global Catalog server mechanism, the system must query

 

each domain for the data. Make sure that this service account can connect to

 

all the LDAP servers in each domain.

 

The Polycom RealPresence DMA system initially assigns the Administrator

 

user role to this user (see User Roles Overview on page 301), so you can use

 

this account to give administrative access to other enterprise user accounts.

 

Caution: Leaving a user role assigned to this account represents a serious

 

security risk. For best security, remove the Administrator user role and mark

 

this account disabled in the Polycom RealPresence DMA system (not the

 

Active Directory) so that it can’t be used for conferencing or for logging into

 

the Polycom RealPresence DMA system management interface.

 

 

Password

Login password for service account user ID.

 

 

User LDAP filter

Specifies which user accounts to include (an underlying, non-editable filter

 

excludes all non-user objects in the directory). The default expression

 

includes all users that don’t have a status of disabled in the directory.

 

Don’t edit this expression unless you understand LDAP filter syntax. See RFC

 

2254 for syntax information.

 

 

Base DN

Can be used to restrict the Polycom RealPresence DMA system to work with

 

a subset of the Active Directory (such as one tree of multiple trees, a subtree,

 

or a domain). Leave the default setting, All Domains, initially. See

 

Understanding Base DN on page 160.

 

 

Time of day to refresh cache

Time at which the Polycom RealPresence DMA system should log into the

 

directory server(s) and update its cache of user and group data.

 

 

Territory

Specifies the territory whose Polycom RealPresence DMA system cluster is

 

responsible for updating the user and group data cache.

 

In a superclustered system, this information is shared across the supercluster.

 

The other clusters access the directory only to authenticate passwords. See

 

Territories on page 294 for more information.

 

 

Polycom, Inc.

155

Page 155
Image 155
Polycom 3725-76302-001O manual Understanding Base DN on