E.0 LDAP User Authentication

The password for admin always comes from the Conferencing internal database so that an administrator is able to log on even if directory servers are not available. Because the password must be passed over the network in plain text, we recommend deployment through SSL.

After you synchronize Conferencing by using LDAP, you cannot use the useradmin account to manage user rights, unless you have a matching user in your LDAP directory. Only the admin account continues to work with its original password.

You can use the admin account to sign on to and manage any community by using the following form of screen name:

admin@community name

For example, to sign on to the default user community, use:

admin@Users

You can then configure users synchronized from the LDAP directory to be community administrators. You can also adjust system policies, etc. for that community. The preferred method for changing fields synchronized from LDAP is to change them on the LDAP server. If you change fields locally, those changes might be overwritten during the next LDAP sync.

IMPORTANT:You must be in the /opt/iic/bin/ directory whenever you run the ldap-sync.sh command.